openSUSE 15.2: 2021:0716-1 Important: Kernel Denial Of Service Fix
opensuse
May 12, 2021
An update that solves two vulnerabilities and has 55 fixes is now available
Description
The openSUSE Leap 15.2 kernel was updated to receive various security and
bugfixes.
The following security bugs were fixed:
- CVE-2021-29650: The netfilter subsystem allowed attackers to cause a
denial of service (panic) because net/netfilter/x_tables.c and
include/linux/netfilter/x_tables.h lack a full memory barrier upon the
assignment of a new table value, aka CID-175e476b8cdf (bnc#1184208).
- CVE-2021-29155: kernel/bpf/verifier.c performs undesirable out-of-bounds
speculation on pointer arithmetic, leading to side-channel attacks that
defeat Spectre mitigations and obtain sensitive information from kernel
memory. Specifically, for sequences of pointer arithmetic operations,
the pointer modification performed by the first operation is not
correctly accounted for when restricting subsequent operations
(bnc#1184942).
The following non-security bugs were fixed:
- ACPI: CPPC: Replace cppc_attr with kobj_attribute...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-716=1
Package List
- openSUSE Leap 15.2 (x86_64):
kernel-debug-5.3.18-lp152.75.1
kernel-debug-debuginfo-5.3.18-lp152.75.1
kernel-debug-debugsource-5.3.18-lp152.75.1
kernel-debug-devel-5.3.18-lp152.75.1
kernel-debug-devel-debuginfo-5.3.18-lp152.75.1
kernel-default-5.3.18-lp152.75.1
kernel-default-base-5.3.18-lp152.75.1.lp152.8.32.1
kernel-default-base-rebuild-5.3.18-lp152.75.1.lp152.8.32.1
kernel-default-debuginfo-5.3.18-lp152.75.1
kernel-default-debugsource-5.3.18-lp152.75.1
kernel-default-devel-5.3.18-lp152.75.1
kernel-default-devel-debuginfo-5.3.18-lp152.75.1
kernel-kvmsmall-5.3.18-lp152.75.1
kernel-kvmsmall-debuginfo-5.3.18-lp152.75.1
kernel-kvmsmall-debugsource-5.3.18-lp152.75.1
kernel-kvmsmall-devel-5.3.18-lp152.75.1
kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.75.1
kernel-obs-build-5.3.18-lp152.75.1
kernel-obs-build-debugsource-5.3.18-lp152.75.1
kernel-obs-qa-5.3.18-lp152.75.1
kernel-preempt-5.3.18-lp152.75.1
kernel-preempt-debuginfo-5.3.18-lp152.75.1
kernel-preempt-debugsource-5.3.18-lp152.75.1
kernel-preempt-devel-5.3.1...
Read the Full AdvisoryReferences
- spi: spi-fsl-dspi: set ColdFire to DMA mode (bsc#1167260).
- spi: spi-fsl-dspi: use XSPI mode instead of DMA for DPAA2 SoCs
(bsc#1167260).
- spi: spi-ti-qspi: Free DMA resources (git-fixes).
- staging: fwserial: fix TIOCGSERIAL implementation (git-fixes).
- staging: fwserial: fix TIOCSSERIAL implementation (git-fixes).
- staging: fwserial: fix TIOCSSERIAL jiffies conversions (git-fixes).
- staging: fwserial: fix TIOCSSERIAL permission check (git-fixes).
- staging: rtl8192u: Fix potential infinite loop (git-fixes).
- thermal/drivers/cpufreq_cooling: Update cpufreq_state only if state has
changed (git-fixes).
- usb: Remove dev_err() usage after platform_get_irq() (git-fixes).
- usb: dwc2: Fix hibernation between host and device modes (git-fixes).
- usb: dwc2: Fix host mode hibernation exit with remote wakeup flow
(git-fixes).
- usb: dwc2: Fix session request interrupt handler (git-fixes).
- usb: dwc3: Switch to use device_property_count_u32() (git-fixes).
- usb: dwc3: Update soft-reset wait polling...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2021:0716-1
Rating: important
Affected Products:
openSUSE Leap 15.2
ble.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!