Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

openSUSE 15.2: 2021:0394-1 critical: Kernel Security Issues Details

opensuse
Calendar Grey March 8, 2021
Dist Opensuse Esm H88
openSUSE Security Update: Security update for the Linux Kernel _____________________________________
An update that solves 9 vulnerabilities and has 115 fixes is now available

Description

The openSUSE Linux Leap 15.2 kernel was updated to receive various

security and bugfixes.

The following security bugs were fixed:

- CVE-2021-26930: Fixed an improper error handling in blkback's grant

mapping (XSA-365 bsc#1181843).

- CVE-2021-26931: Fixed an issue where Linux kernel was treating grant

mapping errors as bugs (XSA-362 bsc#1181753).

- CVE-2021-26932: Fixed improper error handling issues in Linux grant

mapping (XSA-361 bsc#1181747). by remote attackers to read or write

files via directory traversal in an XCOPY request (bsc#178372).

- CVE-2020-12362: Fixed an integer overflow in the firmware which may have

allowed a privileged user to potentially enable an escalation of

privilege via local access (bsc#1181720).

- CVE-2020-12363: Fixed an improper input validation which may have

allowed a privileged user to potentially enable a denial of service via

local access (bsc#1181735).

- CVE-2020-12364: Fixed a...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2021-393=1

Package List

- openSUSE Leap 15.2 (x86_64):

kernel-debug-5.3.18-lp152.66.2

kernel-debug-debuginfo-5.3.18-lp152.66.2

kernel-debug-debugsource-5.3.18-lp152.66.2

kernel-debug-devel-5.3.18-lp152.66.2

kernel-debug-devel-debuginfo-5.3.18-lp152.66.2

kernel-default-5.3.18-lp152.66.2

kernel-default-base-5.3.18-lp152.66.2.lp152.8.23.2

kernel-default-base-rebuild-5.3.18-lp152.66.2.lp152.8.23.2

kernel-default-debuginfo-5.3.18-lp152.66.2

kernel-default-debugsource-5.3.18-lp152.66.2

kernel-default-devel-5.3.18-lp152.66.2

kernel-default-devel-debuginfo-5.3.18-lp152.66.2

kernel-kvmsmall-5.3.18-lp152.66.2

kernel-kvmsmall-debuginfo-5.3.18-lp152.66.2

kernel-kvmsmall-debugsource-5.3.18-lp152.66.2

kernel-kvmsmall-devel-5.3.18-lp152.66.2

kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.66.2

kernel-obs-build-5.3.18-lp152.66.2

kernel-obs-build-debugsource-5.3.18-lp152.66.2

kernel-obs-qa-5.3.18-lp152.66.2

kernel-preempt-5.3.18-lp152.66.2

kernel-preempt-debuginfo-5.3.18-lp152.66.2

kernel-preempt-debugsource-5.3.18-lp152.66.2

kernel-preempt-devel-5.3.1...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2020-12362.html

https://www.suse.com/security/cve/CVE-2020-12363.html

https://www.suse.com/security/cve/CVE-2020-12364.html

https://www.suse.com/security/cve/CVE-2020-12373.html

https://www.suse.com/security/cve/CVE-2020-29368.html

https://www.suse.com/security/cve/CVE-2020-29374.html

https://www.suse.com/security/cve/CVE-2021-26930.html

https://www.suse.com/security/cve/CVE-2021-26931.html

https://www.suse.com/security/cve/CVE-2021-26932.html

https://bugzilla.suse.com/1065600

https://bugzilla.suse.com/1065729

https://bugzilla.suse.com/1078720

https://bugzilla.suse.com/1081134

https://bugzilla.suse.com/1084610

https://bugzilla.suse.com/1132477

https://bugzilla.suse.com/1151927

https://bugzilla.suse.com/1152472

https://bugzilla.suse.com/1152489

https://bugzilla.suse.com/1154353

https://bugzilla.suse.com/1155518

https://bugzilla.suse.com/1156395

https://bugzilla.suse.com/1163776

https://bugzilla.suse.com/1169514

https://bugzilla.suse.com/1170442

https://bugzilla.suse.com/11...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2021:0393-1
Rating: important
Affected Products: openSUSE Leap 15.2 ble.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here