Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 439
Alerts This Week
Warning Icon 1 439

SUSE Linux 12-SP5: 2021:0348-1 Important: Kernel Security Update

suse
Calendar Grey February 9, 2021
Dist Suse Esm H88
Important patch release for Linux Kernel tackling 9 vulnerabilities, with 75 improvements provided. System restart needed post-installation.
An update that solves 9 vulnerabilities and has 75 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel (bnc#1181349). - CVE-2021-20177: Fixed a kernel panic related to iptables string matching rules. A privileged user could insert a rule which could lead to denial of service (bnc#1180765). - CVE-2021-0342: In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. (bnc#1180812) - CVE-2020-27835: A use-after-free in the infiniband hfi1 driver was found, specifically in the way user calls Ioctl after open dev file and

References

#1046305 #1046306 #1046540 #1046542 #1046648

#1050242 #1050244 #1050536 #1050538 #1050545

#1056653 #1056657 #1056787 #1064802 #1066129

#1073513 #1074220 #1075020 #1086282 #1086301

#1086313 #1086314 #1098633 #1103990 #1103991

#1103992 #1104270 #1104277 #1104279 #1104353

#1104427 #1104742 #1104745 #1109837 #1111981

#1112178 #1112374 #1113956 #1119113 #1126206

#1126390 #1127354 #1127371 #1129770 #1136348

#1144912 #1149032 #1163727 #1172145 #1174206

#1176831 #1176846 #1178036 #1178049 #1178372

#1178631 #1178684 #1178900 #1179093 #1179508

#1179509 #1179563 #1179573 #1179575 #1179878

#1180008 #1180130 #1180559 #1180562 #1180676

#1180765 #1180812 #1180859 #1180891 #1180912

#1181001 #118...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2021:0348-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.