Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

SUSE: 2022:0456-2 Critical: Remote Access Vulnerabilities Identified

suse
Calendar Grey February 9, 2021
Dist Suse Esm H88
SUSE has issued an essential security update for the Linux Kernel, fixing critical vulnerabilities that could compromise system integrity and security
An update that solves 11 vulnerabilities and has 62 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel (bnc#1181349). - CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup (bnc#1181504). - CVE-2021-20177: Fixed a kernel panic related to iptables string matching rules. A privileged user could insert a rule which could lead to denial of service (bnc#1180765). - CVE-2021-0342: In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation

Topics%20covered

Topics Covered

security advisory denial of service security update important local escalation kernel fixes SUSE Linux Enterprise Module

References

#1065600 #1149032 #1152472 #1152489 #1153274

#1154353 #1155518 #1163727 #1163930 #1165545

#1167773 #1172355 #1175389 #1176395 #1176831

#1176846 #1178142 #1178372 #1178631 #1178684

#1179142 #1179396 #1179508 #1179509 #1179567

#1179572 #1179575 #1179878 #1180008 #1180130

#1180264 #1180412 #1180541 #1180559 #1180562

#1180566 #1180676 #1180759 #1180765 #1180773

#1180809 #1180812 #1180848 #1180859 #1180889

#1180891 #1180971 #1181014 #1181018 #1181077

#1181104 #1181148 #1181158 #1181161 #1181169

#1181203 #1181217 #1181218 #1181219 #1181220

#1181237 #1181318 #1181335 #1181346 #1181349

#1181425 #1181494 #1181504 #1181511 #1181538

#1181553 #1181584 #1181645

Cross- CVE-2020-25211 CVE-2020-25639 CVE-2020-27835

...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2021:0347-1
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service security update important local escalation kernel fixes SUSE Linux Enterprise Module

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here