SUSE 15-SP2: 2021:2646-1 Important: Kernel Memory Corruption

suse

August 10, 2021

An update that solves four vulnerabilities and has 38 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876). - CVE-2021-21781: Fixed a information disclosure vulnerability in the ARM SIGPAGE (bsc#1188445). - CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM, which could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bsc#1186482). - CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM

Topics Covered

security advisory important fixes SUSE Linux linux kernel

References

#1065729 #1085224 #1094840 #1113295 #1153274

#1154353 #1155518 #1156395 #1176940 #1179243

#1180092 #1183871 #1184114 #1184350 #1184631

#1184804 #1185377 #1185902 #1186194 #1186206

#1186482 #1186483 #1187476 #1188101 #1188405

#1188445 #1188504 #1188620 #1188683 #1188746

#1188747 #1188748 #1188770 #1188771 #1188772

#1188773 #1188774 #1188777 #1188838 #1188876

#1188885 #1188973

Cross- CVE-2021-21781 CVE-2021-22543 CVE-2021-3659

CVE-2021-37576

CVSS scores:

CVE-2021-21781 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVE-2021-22543 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-3659 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2021-37576 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:...

Read the Full Advisory

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2021:2646-1

Rating: important

Topics Covered

security advisory important fixes SUSE Linux linux kernel

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE 15-SP2: 2021:2646-1 Important: Kernel Memory Corruption

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE 15-SP2: 2021:2646-1 Important: Kernel Memory Corruption

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!