Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 527
Alerts This Week
Warning Icon 1 527

SUSE Linux 12 SP2: 2021:1617-1 Important Kernel Security Update

suse
Calendar Grey May 17, 2021
Scroller Suse
An Ubuntu security patch resolves 25 weaknesses in the Linux OS, improving system security and performance.
An update that solves 22 vulnerabilities and has four fixes is now available

Summary

The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bnc#1184509). - CVE-2021-29650: Fixed an issue inside the netfilter subsystem that allowed attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value (bnc#1184208). - CVE-2021-29154: Fixed BPF JIT compilers that allowed to execute arbitrary code within the kernel context (bnc#1184391). - CVE-2020-25673: Fixed NFC endless loops caused by repeated llcp_sock_connect() (bsc#1178181).

References

#1165629 #1173485 #1176720 #1178181 #1182715

#1182716 #1182717 #1183022 #1183069 #1183593

#1184120 #1184167 #1184168 #1184194 #1184198

#1184208 #1184211 #1184391 #1184393 #1184397

#1184509 #1184611 #1184952 #1185555 #1185556

#1185557

Cross- CVE-2020-0433 CVE-2020-1749 CVE-2020-25670

CVE-2020-25671 CVE-2020-25672 CVE-2020-25673

CVE-2020-36312 CVE-2020-36322 CVE-2021-20219

CVE-2021-27363 CVE-2021-27364 CVE-2021-27365

CVE-2021-28038 CVE-2021-28660 CVE-2021-28950

CVE-2021-28972 CVE-2021-29154 CVE-2021-29264

CVE-2021-29265 CVE-2021-29650 CVE-2021-30002

CVE-2021-3483

CVSS scores:

CVE-2020-0433 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2020-0433 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2021:1617-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.