Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

SUSE: 2021:2208-1 Important: Kernel Denial Of Service Fix Instructions

suse
Calendar Grey June 30, 2021
Scroller Suse
Explore the newest kernel release from SUSE, tackling various vulnerabilities and bugs, while strengthening overall system integrity.
An update that solves 12 vulnerabilities and has 42 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel memory (bsc#1186484). - CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values. (bsc#1186111) - CVE-2020-26139: Fixed a denial-of-service when an Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. (bnc#1186062) - CVE-2021-23134: A Use After Free vulnerability in nfc sockets allowed local attackers to elevate their privileges. (bnc#1186060)

References

#1087082 #1133021 #1152457 #1152489 #1155518

#1156395 #1162702 #1164648 #1176564 #1177666

#1178418 #1178612 #1179827 #1179851 #1182378

#1182999 #1183346 #1183868 #1183873 #1183932

#1183947 #1184081 #1184082 #1184611 #1184855

#1185428 #1185497 #1185589 #1185606 #1185645

#1185677 #1185680 #1185696 #1185703 #1185725

#1185758 #1185859 #1185861 #1185863 #1185898

#1185899 #1185911 #1185938 #1185987 #1185988

#1186061 #1186285 #1186320 #1186439 #1186441

#1186460 #1186498 #1186501 #1186573

Cross- CVE-2020-24586 CVE-2020-24587 CVE-2020-24588

CVE-2020-26139 CVE-2020-26141 CVE-2020-26145

CVE-2020-26147 CVE-2021-23134 CVE-2021-32399

CVE-2021-33034 CVE-2021-33200 CVE-2021-3491

CVSS scores:

CVE-202...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2021:2208-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.