Explore top 10 tips to secure your open-source projects now. Read More
×
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876). - CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM, which could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bsc#1186482). - CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838). - CVE-2020-0429: In l2tp_session_delete and related functions of
#1065729 #1085224 #1094840 #1113295 #1176724
#1176931 #1176940 #1179195 #1181161 #1183871
#1184114 #1184350 #1184804 #1185377 #1186206
#1186482 #1186483 #1186672 #1187038 #1187476
#1187846 #1188026 #1188101 #1188405 #1188620
#1188750 #1188838 #1188876 #1188885 #1188973
Cross- CVE-2020-0429 CVE-2020-36386 CVE-2021-22543
CVE-2021-3659 CVE-2021-37576
CVSS scores:
CVE-2020-0429 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2020-0429 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-36386 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2020-36386 (SUSE): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2021-22543 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Get the latest Linux and open source security news straight to your inbox.