Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 438
Alerts This Week
Warning Icon 1 438

SUSE: 2021:0354-1 Important: Kernel Security Fixes and Threats

suse
Calendar Grey February 9, 2021
Dist Suse Esm H88
SUSE Security Patch for Linux Kernel: Essential updates resolving 10 flaws and serious risks.
An update that solves 9 vulnerabilities and has 56 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel (bnc#1181349). - CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup (bnc#1181504). - CVE-2021-20177: Fixed a kernel panic related to iptables string matching rules. A privileged user could insert a rule which could lead to denial of service (bnc#1180765). - CVE-2021-0342: In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation

References

#1065600 #1149032 #1152472 #1152489 #1153274

#1154353 #1155518 #1163930 #1165545 #1167773

#1172355 #1175389 #1176395 #1176831 #1176846

#1178142 #1178631 #1179142 #1179396 #1179508

#1179509 #1179567 #1179572 #1179575 #1179878

#1180008 #1180130 #1180264 #1180412 #1180759

#1180765 #1180773 #1180809 #1180812 #1180848

#1180859 #1180889 #1180891 #1180971 #1181014

#1181018 #1181077 #1181104 #1181148 #1181158

#1181161 #1181169 #1181203 #1181217 #1181218

#1181219 #1181220 #1181237 #1181318 #1181335

#1181346 #1181349 #1181425 #1181494 #1181504

#1181511 #1181538 #1181553 #1181584 #1181645

Cross- CVE-2020-25211 CVE-2020-25639 CVE-2020-27835

CVE-2020-29568 CVE-2020-29569 CVE-2021-0342

CVE-202...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2021:0354-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.