openSUSE 15.2: OPENUSE-SU-2021-0532-1 Important: Kernel Security Update
opensuse
April 10, 2021
An update that solves 21 vulnerabilities and has 74 fixes is now available
Description
The openSUSE Leap 15.2 kernel was updated to receive various security and
bugfixes.
The following security bugs were fixed:
- CVE-2021-3444: Fixed an issue with the bpf verifier which did not
properly handle mod32 destination register truncation when the source
register was known to be 0 leading to out of bounds read (bsc#1184170).
- CVE-2021-3428: Fixed an integer overflow in ext4_es_cache_extent
(bsc#1173485).
- CVE-2021-29647: Fixed an issue in qrtr_recvmsg which could have allowed
attackers to obtain sensitive information from kernel memory because of
a partially uninitialized data structure (bsc#1184192 ).
- CVE-2021-29265: Fixed an issue in usbip_sockfd_store which could have
allowed attackers to cause a denial of service due to race conditions
during an update of the local and shared status (bsc#1184167).
- CVE-2021-29264: Fixed an issue in the Freescale Gianfar Ethernet driver
which could have allowed...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-532=1
Package List
- openSUSE Leap 15.2 (noarch):
kernel-devel-5.3.18-lp152.69.1
kernel-docs-5.3.18-lp152.69.1
kernel-docs-html-5.3.18-lp152.69.1
kernel-macros-5.3.18-lp152.69.1
kernel-source-5.3.18-lp152.69.1
kernel-source-vanilla-5.3.18-lp152.69.1
- openSUSE Leap 15.2 (x86_64):
kernel-debug-5.3.18-lp152.69.1
kernel-debug-debuginfo-5.3.18-lp152.69.1
kernel-debug-debugsource-5.3.18-lp152.69.1
kernel-debug-devel-5.3.18-lp152.69.1
kernel-debug-devel-debuginfo-5.3.18-lp152.69.1
kernel-default-5.3.18-lp152.69.1
kernel-default-base-5.3.18-lp152.69.1.lp152.8.28.1
kernel-default-base-rebuild-5.3.18-lp152.69.1.lp152.8.28.1
kernel-default-debuginfo-5.3.18-lp152.69.1
kernel-default-debugsource-5.3.18-lp152.69.1
kernel-default-devel-5.3.18-lp152.69.1
kernel-default-devel-debuginfo-5.3.18-lp152.69.1
kernel-kvmsmall-5.3.18-lp152.69.1
kernel-kvmsmall-debuginfo-5.3.18-lp152.69.1
kernel-kvmsmall-debugsource-5.3.18-lp152.69.1
kernel-kvmsmall-devel-5.3.18-lp152.69.1
kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.69.1
kernel-obs-build-5.3.18-lp152.6...
Read the Full AdvisoryReferences
bsc#1183015,bsc#1182595
- crypto: aesni - prevent misaligned buffers on the stack (git-fixes).
- crypto: arm64/sha - add missing module aliases (git-fixes).
- crypto: bcm - Rename struct device_private to bcm_device_private
(git-fixes).
- crypto: Kconfig - CRYPTO_MANAGER_EXTRA_TESTS requires the manager
(git-fixes).
- crypto: tcrypt - avoid signed overflow in byte count (git-fixes).
- Delete patches.suse/sched-Reenable-interrupts-in-do_sched_yield.patch
(bsc#1183530)
- drivers/misc/vmw_vmci: restrict too big queue size in
qp_host_alloc_queue (git-fixes).
- drm/amd/display: Guard against NULL pointer deref when get_i2c_info
fails (git-fixes).
- drm/amdgpu: Add check to prevent IH overflow (git-fixes).
- drm/amdgpu: fix parameter error of RREG32_PCIE() in amdgpu_regs_pcie
(git-fixes).
- drm/amdkfd: Put ACPI table after using it (bsc#1152489) Backporting
notes: * context changes
- drm/amd/powerplay: fix spelling mistake "smu_state_memroy_block" ->
(bsc#1152489) Backporting notes: * rename amd/pm to
amd/po...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2021:0532-1
Rating: important
Affected Products:
openSUSE Leap 15.2
ble.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!