Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2021:3929-1 Important Kernel Security Fixes and Threats

suse
Calendar Grey December 6, 2021
Dist Suse Esm H88
The latest SUSE Security Patch delivers critical updates and addresses various security flaws found within the Linux Kernel.
An update that solves 36 vulnerabilities and has 7 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past (jsc#SLE-22573) You can reenable via systemctl setting /proc/sys/kernel/unprivileged_bpf_disabled to 0. (kernel.unprivileged_bpf_disabled = 0) - CVE-2017-5753: Systems with microprocessors utilizing speculative execution and branch prediction may have allowed unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032). Additional spectrev1 fixes were added to the eBPF code. - CVE-2018-13405: The inode_init_owner function in fs/inode.c allowed

Topics%20covered

Topics Covered

security advisory unauthorized access bug fix memory corruption kernel Denial of Service SUSE

References

#1068032 #1087082 #1098425 #1100416 #1119934

#1129735 #1171217 #1171420 #1173346 #1176724

#1183089 #1184673 #1186109 #1186390 #1188172

#1188325 #1188563 #1188601 #1188838 #1188876

#1188983 #1188985 #1189057 #1189262 #1189291

#1189399 #1189706 #1190023 #1190025 #1190067

#1190117 #1190159 #1190276 #1190349 #1190351

#1190601 #1191193 #1191315 #1191790 #1191958

#1191961 #1192781 #802154

Cross- CVE-2017-5753 CVE-2018-13405 CVE-2018-16882

CVE-2020-0429 CVE-2020-12655 CVE-2020-14305

CVE-2020-3702 CVE-2021-20265 CVE-2021-20322

CVE-2021-31916 CVE-2021-33033 CVE-2021-34556

CVE-2021-34981 CVE-2021-3542 CVE-2021-35477

CVE-2021-3640 CVE-2021-3653 CVE-2021-3655

CVE-2021-3659 CVE-2021-3679 CVE-2021-3715

...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2021:3929-1
Rating: important

Topics%20covered

Topics Covered

security advisory unauthorized access bug fix memory corruption kernel Denial of Service SUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here