SUSE update for the Linux Kernel



Risk Medium
Patch available YES
Number of vulnerabilities 15
CVE-ID CVE-2014-7841
CVE-2020-36385
CVE-2021-20265
CVE-2021-33033
CVE-2021-3609
CVE-2021-3640
CVE-2021-3653
CVE-2021-3655
CVE-2021-3679
CVE-2021-37159
CVE-2021-3772
CVE-2021-38198
CVE-2021-42008
CVE-2021-42739
CVE-2021-43389
CWE-ID CWE-476
CWE-416
CWE-400
CWE-362
CWE-264
CWE-909
CWE-415
CWE-345
CWE-732
CWE-787
CWE-119
CWE-129
Exploitation vector Network
Public exploit Public exploit code for vulnerability #5 is available.
Public exploit code for vulnerability #13 is available.
Vulnerable software
 SUSE Linux Enterprise Server
Operating systems & Components / Operating system

SUSE Linux Enterprise Debuginfo
Operating systems & Components / Operating system

kernel-pae-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-pae-debugsource
Operating systems & Components / Operating system package or component

kernel-pae-debuginfo
Operating systems & Components / Operating system package or component

kernel-ppc64-debugsource
Operating systems & Components / Operating system package or component

kernel-ppc64-debuginfo
Operating systems & Components / Operating system package or component

kernel-bigmem-debugsource
Operating systems & Components / Operating system package or component

kernel-bigmem-debuginfo
Operating systems & Components / Operating system package or component

kernel-xen-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-xen-debugsource
Operating systems & Components / Operating system package or component

kernel-xen-debuginfo
Operating systems & Components / Operating system package or component

kernel-ec2-debugsource
Operating systems & Components / Operating system package or component

kernel-ec2-debuginfo
Operating systems & Components / Operating system package or component

kernel-trace-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-trace-debugsource
Operating systems & Components / Operating system package or component

kernel-trace-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-pae-extra
Operating systems & Components / Operating system package or component

kernel-ppc64-extra
Operating systems & Components / Operating system package or component

kernel-trace-extra
Operating systems & Components / Operating system package or component

kernel-xen-extra
Operating systems & Components / Operating system package or component

kernel-default-extra
Operating systems & Components / Operating system package or component

kernel-pae-devel
Operating systems & Components / Operating system package or component

kernel-pae-base
Operating systems & Components / Operating system package or component

kernel-pae
Operating systems & Components / Operating system package or component

kernel-default-man
Operating systems & Components / Operating system package or component

kernel-ppc64-devel
Operating systems & Components / Operating system package or component

kernel-ppc64-base
Operating systems & Components / Operating system package or component

kernel-ppc64
Operating systems & Components / Operating system package or component

kernel-bigmem-devel
Operating systems & Components / Operating system package or component

kernel-bigmem-base
Operating systems & Components / Operating system package or component

kernel-bigmem
Operating systems & Components / Operating system package or component

kernel-xen-devel
Operating systems & Components / Operating system package or component

kernel-xen-base
Operating systems & Components / Operating system package or component

kernel-xen
Operating systems & Components / Operating system package or component

kernel-ec2-devel
Operating systems & Components / Operating system package or component

kernel-ec2-base
Operating systems & Components / Operating system package or component

kernel-ec2
Operating systems & Components / Operating system package or component

kernel-trace-devel
Operating systems & Components / Operating system package or component

kernel-trace-base
Operating systems & Components / Operating system package or component

kernel-trace
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 15 vulnerabilities.

1) NULL pointer dereference

EUVDB-ID: #VU41051

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2014-7841

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a malformed INIT chunk.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU58332

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-36385

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in drivers/infiniband/core/ucma.c, because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called. A local user can run a specially crafted program to trigger the use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Resource exhaustion

EUVDB-ID: #VU51548

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-20265

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU55261

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-33033

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper handling of the CIPSO and CALIPSO refcounting for the DOI definitions in cipso_v4_genopt(0 function in net/ipv4/cipso_ipv4.c in Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with escalated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Race condition

EUVDB-ID: #VU54292

Risk: Medium

CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2021-3609

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in the CAN BCM networking protocol (net/can/bcm.c) in the Linux kernel ranging from version 2.6.25 to mainline 5.13-rc6. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

6) Use-after-free

EUVDB-ID: #VU63769

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3640

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in sco_sock_sendmsg() function of the Linux kernel HCI subsystem. A privileged local user can call ioct UFFDIO_REGISTER or other way trigger race condition to escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Security restrictions bypass

EUVDB-ID: #VU56904

Risk: Low

CVSSv4.0: 5.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3653

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a malicious guest to escalate privileges on the system.

The vulnerability exists due to improperly imposed security restrictions within the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest.

As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Missing initialization of resource

EUVDB-ID: #VU61098

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-3655

CWE-ID: CWE-909 - Missing initialization of resource

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to missing initialization of resource in the Linux kernel when processing inbound SCTP packets. A remote attacker can send specially crafted SCTP packets to the system and force the kernel to read uninitialized memory.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Resource exhaustion

EUVDB-ID: #VU63664

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3679

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to lack of CPU resource in the Linux kernel tracing module functionality when using trace ring buffer in a specific way. A privileged local user (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Double Free

EUVDB-ID: #VU63575

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-37159

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to hso_free_net_device() function in drivers/net/usb/hso.c in the Linux kernel calls unregister_netdev without checking for the NETREG_REGISTERED state. A local user can trigger double free and use-after-free errors and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Insufficient verification of data authenticity

EUVDB-ID: #VU63835

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-3772

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack (DoS) on the target system.

The vulnerability exists due to insufficient verification of data authenticity in the Linux SCTP stack. A remote attacker can exploit this vulnerability to perform a denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Incorrect permission assignment for critical resource

EUVDB-ID: #VU63665

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-38198

CWE-ID: CWE-732 - Incorrect Permission Assignment for Critical Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page. A local user can trigger an error to perform a denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Out-of-bounds write

EUVDB-ID: #VU63669

Risk: Low

CVSSv4.0: 7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2021-42008

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the decode_data() function in drivers/net/hamradio/6pack.c in the Linux kernel. A local user can send input from a process that has the CAP_NET_ADMIN capability and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

14) Buffer overflow

EUVDB-ID: #VU59474

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-42739

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary within the firewire subsystem in the Linux kernel in drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c files. A local privileged user can run a specially crafted program tat calls avc_ca_pmt() function to trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Improper Validation of Array Index

EUVDB-ID: #VU63385

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-43389

CWE-ID: CWE-129 - Improper Validation of Array Index

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code with elevated privileges.

The vulnerability exists due to improper validation of array index in the ISDN CAPI implementation within detach_capi_ctr() function in drivers/isdn/capi/kcapi.c. local user can send specially crafted data to the system and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 11-EXTRA - 11-SP4-LTSS-EXTREME-CORE

SUSE Linux Enterprise Debuginfo: 11-SP4

kernel-pae-devel-debuginfo: before 3.0.101-108.132.1

kernel-pae-debugsource: before 3.0.101-108.132.1

kernel-pae-debuginfo: before 3.0.101-108.132.1

kernel-ppc64-debugsource: before 3.0.101-108.132.1

kernel-ppc64-debuginfo: before 3.0.101-108.132.1

kernel-bigmem-debugsource: before 3.0.101-108.132.1

kernel-bigmem-debuginfo: before 3.0.101-108.132.1

kernel-xen-devel-debuginfo: before 3.0.101-108.132.1

kernel-xen-debugsource: before 3.0.101-108.132.1

kernel-xen-debuginfo: before 3.0.101-108.132.1

kernel-ec2-debugsource: before 3.0.101-108.132.1

kernel-ec2-debuginfo: before 3.0.101-108.132.1

kernel-trace-devel-debuginfo: before 3.0.101-108.132.1

kernel-default-devel-debuginfo: before 3.0.101-108.132.1

kernel-trace-debugsource: before 3.0.101-108.132.1

kernel-trace-debuginfo: before 3.0.101-108.132.1

kernel-default-debugsource: before 3.0.101-108.132.1

kernel-default-debuginfo: before 3.0.101-108.132.1

kernel-pae-extra: before 3.0.101-108.132.1

kernel-ppc64-extra: before 3.0.101-108.132.1

kernel-trace-extra: before 3.0.101-108.132.1

kernel-xen-extra: before 3.0.101-108.132.1

kernel-default-extra: before 3.0.101-108.132.1

kernel-pae-devel: before 3.0.101-108.132.1

kernel-pae-base: before 3.0.101-108.132.1

kernel-pae: before 3.0.101-108.132.1

kernel-default-man: before 3.0.101-108.132.1

kernel-ppc64-devel: before 3.0.101-108.132.1

kernel-ppc64-base: before 3.0.101-108.132.1

kernel-ppc64: before 3.0.101-108.132.1

kernel-bigmem-devel: before 3.0.101-108.132.1

kernel-bigmem-base: before 3.0.101-108.132.1

kernel-bigmem: before 3.0.101-108.132.1

kernel-xen-devel: before 3.0.101-108.132.1

kernel-xen-base: before 3.0.101-108.132.1

kernel-xen: before 3.0.101-108.132.1

kernel-ec2-devel: before 3.0.101-108.132.1

kernel-ec2-base: before 3.0.101-108.132.1

kernel-ec2: before 3.0.101-108.132.1

kernel-trace-devel: before 3.0.101-108.132.1

kernel-trace-base: before 3.0.101-108.132.1

kernel-trace: before 3.0.101-108.132.1

kernel-syms: before 3.0.101-108.132.1

kernel-source: before 3.0.101-108.132.1

kernel-default-devel: before 3.0.101-108.132.1

kernel-default-base: before 3.0.101-108.132.1

kernel-default: before 3.0.101-108.132.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###