openSUSE Leap 15.3: 2021:2184-1 Important: Kernel Security Update
opensuse
June 28, 2021
An update that solves four vulnerabilities and has 107 fixes is now available
Description
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2020-26558: Bluetooth LE and BR/EDR secure pairing in Bluetooth Core
Specification 2.1 may permit a nearby man-in-the-middle attacker to
identify the Passkey used during pairing by reflection of the public key
and the authentication evidence of the initiating device, potentially
permitting this attacker to complete authenticated pairing with the
responding device using the correct Passkey for the pairing session.
(bnc#1179610 bnc#1186463)
- CVE-2021-0129: Improper access control in BlueZ may have allowed an
authenticated user to potentially enable information disclosure via
adjacent access (bnc#1186463).
- CVE-2020-36385: Fixed a use-after-free in drivers/infiniband/core/ucma.c
which could be triggered if the ctx is reached via the ctx_list in some
ucma_migrate_id situations...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2184=1
Package List
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-59.10.1
cluster-md-kmp-default-debuginfo-5.3.18-59.10.1
dlm-kmp-default-5.3.18-59.10.1
dlm-kmp-default-debuginfo-5.3.18-59.10.1
gfs2-kmp-default-5.3.18-59.10.1
gfs2-kmp-default-debuginfo-5.3.18-59.10.1
kernel-default-5.3.18-59.10.1
kernel-default-base-5.3.18-59.10.1.18.4.2
kernel-default-base-rebuild-5.3.18-59.10.1.18.4.2
kernel-default-debuginfo-5.3.18-59.10.1
kernel-default-debugsource-5.3.18-59.10.1
kernel-default-devel-5.3.18-59.10.1
kernel-default-devel-debuginfo-5.3.18-59.10.1
kernel-default-extra-5.3.18-59.10.1
kernel-default-extra-debuginfo-5.3.18-59.10.1
kernel-default-livepatch-5.3.18-59.10.1
kernel-default-livepatch-devel-5.3.18-59.10.1
kernel-default-optional-5.3.18-59.10.1
kernel-default-optional-debuginfo-5.3.18-59.10.1
kernel-obs-build-5.3.18-59.10.1
kernel-obs-build-debugsource-5.3.18-59.10.1
kernel-obs-qa-5.3.18-59.10.1
kernel-syms-5.3.18-59.10.1
kselftests-kmp-default-5.3.18-59.10.1
kselftests-kmp-default-debug...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2020-26558.html
https://www.suse.com/security/cve/CVE-2020-36385.html
https://www.suse.com/security/cve/CVE-2020-36386.html
https://www.suse.com/security/cve/CVE-2021-0129.html
https://bugzilla.suse.com/1087082
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1154353
https://bugzilla.suse.com/1174978
https://bugzilla.suse.com/1176447
https://bugzilla.suse.com/1176771
https://bugzilla.suse.com/1177666
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1178378
https://bugzilla.suse.com/1178612
https://bugzilla.suse.com/1179610
https://bugzilla.suse.com/1182999
https://bugzilla.suse.com/1183712
https://bugzilla.suse.com/1184259
https://bugzilla.suse.com/1184436
https://bugzilla.suse.com/1184631
https://bugzilla.suse.com/1185195
https://bugzilla.suse.com/1185428
https://bugzilla.suse.com/1185497
https://bugzilla.suse.com/1185570
https://bugzilla.suse.com/1185589
https://bugzilla.suse.com/1185675
https://bugzilla.suse.com/1185701
https://bugzilla.suse.com/1186...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2021:2184-1
Rating: important
Affected Products:
openSUSE Leap 15.3
ble.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!