SUSE: Security Advisory (SUSE-SU-2021:2408-1)

The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2021:2408-1 advisory.

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2021-22555: A heap out-of-bounds write was discovered in net/netfilter/x_tables.c (bnc#1188116). CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges (bsc#1188062). CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation (bsc#1187215). CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585) CVE-2021-35039: Fixed a bug where modules signature verification did not occur if CONFIG_MODULE_SIG is not set, regardless of the value of module.sig_enforce command-line argument. (bnc#1188080) The following non-security bugs were fixed: ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes). ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes). ACPICA: Fix memory leak caused by _CID repair function (git-fixes). ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes). ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes). ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes). ACPI: resources: Add checks for ACPI IRQ override (git-fixes). ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes). ALSA: hda/realtek: Add another ALC236 variant support (git-fixes). ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes). ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes). ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes). ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes). ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes). ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes). ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes). amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472) ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes). ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes). ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes). ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes). ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes). ata: ahci_sunxi: Disable DIPM (git-fixes). ath10k: add missing error return code in ath10k_pci_probe() (git-fixes). ath10k: Fix an error code in ath10k_add_interface() (git-fixes). ath10k: go to path err_unsupported when chip id is not supported (git-fixes). ath10k: remove unused more_frags variable (git-fixes). ath9k: Fix kernel NULL pointer dereference during... [Please see the references for more information on the vulnerabilities]

'Linux Kernel' package(s) on SUSE Linux Enterprise Module for Public Cloud 15-SP2

Checks if a vulnerable package version is present on the target host.

Please install the updated package(s).