SUSE 15: 2022:0237-1 Important: Kernel Update For 3 Security Issues

suse

January 31, 2022

An update that fixes three vulnerabilities is now available

Summary

This update for the Linux Kernel 4.12.14-150_72 fixes several issues. The following security issues were fixed: - CVE-2018-25020: Fixed an issue in the BPF subsystem in the Linux kernel mishandled situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. (bsc#1193575) - CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure. (bsc#1191193) - CVE-2021-42739: The firewire subsystem had a buffer overflow related to drivers/media/firewire/firedtv-avc.c and

Topics Covered

security advisory buffer overflow kernel update important SUSE Linux encryption flaw

References

#1191529 #1192036 #1193863

Cross- CVE-2018-25020 CVE-2020-3702 CVE-2021-42739

CVSS scores:

CVE-2018-25020 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2020-3702 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2020-3702 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2021-42739 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

SUSE Linux Enterprise Module for Live Patching 15

https://www.suse.com/security/cve/CVE-2018-25020.html

https://www.suse.com/security/cve/CVE-2020-3702.html

https://www.suse.com/security/cve/CVE-2021-42739.html

https://bugzilla.suse.com/1191529

https://bugzilla.suse.com/1192036

https://bugzilla.suse.com/1193863

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2022:0237-1

Rating: important

Topics Covered

security advisory buffer overflow kernel update important SUSE Linux encryption flaw

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE 15: 2022:0237-1 Important: Kernel Update For 3 Security Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE 15: 2022:0237-1 Important: Kernel Update For 3 Security Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!