Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 529
Alerts This Week
Warning Icon 1 529

SUSE Linux 11-SP4: 2021:14764-1 Important Kernel Security Fix

suse
Calendar Grey July 13, 2021
Scroller Suse Esm H88
SUSE has issued a Security Update for the Linux Kernel that addresses 9 vulnerabilities deemed critical. Prompt response is advised.
An update that solves 9 vulnerabilities and has two fixes is now available

Summary

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-0512: Fixed a possible out of bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bsc#1187595) - CVE-2021-34693: Fixed a bug in net/can/bcm.c which could allow local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. (bsc#1187452) - CVE-2020-36386: Fixed an out-of-bounds read in hci_extended_inquiry_result_evt. (bsc#1187038) - CVE-2020-24588: Fixed a bug that could allow an adversary to abuse

References

#1184081 #1184391 #1184611 #1185859 #1185861

#1185862 #1185863 #1186062 #1187038 #1187452

#1187595

Cross- CVE-2020-24586 CVE-2020-24587 CVE-2020-24588

CVE-2020-26139 CVE-2020-36386 CVE-2021-0512

CVE-2021-29154 CVE-2021-32399 CVE-2021-34693

CVSS scores:

CVE-2020-24586 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CVE-2020-24586 (SUSE): 4.7 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

CVE-2020-24587 (NVD) : 2.6 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

CVE-2020-24587 (SUSE): 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

CVE-2020-24588 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CVE-2020-24588 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2021:14764-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.