Explore top 10 tips to secure your open-source projects now. Read More
×
The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: A heap out-of-bounds write was discovered in net/netfilter/x_tables.c (bnc#1188116). - CVE-2021-33909: Extremely large seq buffer allocations in seq_file could lead to buffer underruns and code execution (bsc#1188062). - CVE-2021-3609: A use-after-free in can/bcm could have led to privilege escalation (bsc#1187215). - CVE-2021-33624: In kernel/bpf/verifier.c a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db (bnc#1187554). - CVE-2021-0605: In pfkey_dump of af_key.c, there is a possible
#1104967 #1174978 #1179610 #1185701 #1185861
#1186463 #1186484 #1187038 #1187050 #1187215
#1187452 #1187554 #1187595 #1187601 #1187934
#1188062 #1188116
Cross- CVE-2020-24588 CVE-2020-26558 CVE-2020-36385
CVE-2020-36386 CVE-2021-0129 CVE-2021-0512
CVE-2021-0605 CVE-2021-22555 CVE-2021-33200
CVE-2021-33624 CVE-2021-33909 CVE-2021-34693
CVE-2021-3609
CVSS scores:
CVE-2020-24588 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2020-24588 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2020-26558 (NVD) : 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2020-26558 (SUSE): 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2020-36385 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Get the latest Linux and open source security news straight to your inbox.