SUSE: Security Advisory (SUSE-SU-2021:2427-1)
Information
Severity
Family
CVSSv2 Base
CVSSv2 Vector
Solution Type
Created
Modified
Summary
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2021:2427-1 advisory.
Insight
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security fixes and bug fixes.

The following security bugs were fixed:
CVE-2021-22555: Fixed a heap out-of-bounds write in net/netfilter/x_tables.c that could allow local privilege escalation. (bsc#1188116)
CVE-2021-33624: Fixed a bug which allows an unprivileged BPF program to leak the contents of arbitrary kernel memory (and therefore, of all physical memory) via a side-channel. (bsc#1187554)
CVE-2021-0605: Fixed an out-of-bounds read which could lead to local information disclosure in the kernel with System execution privileges needed. (bsc#1187601)
CVE-2021-0512: Fixed a possible out-of-bounds write which could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1187595)
CVE-2020-26558: Fixed a flaw in the Bluetooth LE and BR/EDR secure pairing that could permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing. (bnc#1179610)
CVE-2021-34693: Fixed a bug in net/can/bcm.c which could allow local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. (bsc#1187452)
CVE-2021-0129: Fixed an improper access control in BlueZ that may have allowed an authenticated user to potentially enable information disclosure via adjacent access. (bnc#1186463)
CVE-2020-36386: Fixed an out-of-bounds read in hci_extended_inquiry_result_evt. (bsc#1187038)
CVE-2020-24588: Fixed a bug that could allow an adversary to abuse devices that support receiving non-SSP A-MSDU frames to inject arbitrary network packets. (bsc#1185861 bsc#1185863)
CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows obtaining full root privileges. (bsc#1188062)
CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)
CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation. (bsc#1187050)
CVE-2021-33200: Fix leakage of uninitialized bpf stack under speculation. (bsc#1186484)

The following non-security bugs were fixed:
af_packet: fix the tx skb protocol in raw sockets with ETH_P_ALL (bsc#1176081).
kabi: preserve struct header_ops after bsc#1176081 fix (bsc#1176081).
net: Do not set transport offset to invalid value (bsc#1176081).
net: Introduce parse_protocol header_ops callback (bsc#1176081).
net/ethernet: Add parse_protocol header_ops support (bsc#1176081).
net/mlx5e: Remove the wrong assumption about transport offset (bsc#1176081).
net/mlx5e: Trust kernel regarding transport offset (bsc#1176081).
net/packet: Ask driver for protocol if not provided by user (bsc#1176081).
net/packet: Remove redundant skb->protocol set (bsc#1176081).
resource: Fix find_next_iomem_res() iteration issue (bsc#1181193).
scsi: scsi_dh_alua: Retry RTPG on a ... [Please see the references for more information on the vulnerabilities]
Affected Software
'Linux Kernel' package(s) on SUSE Manager Server 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Proxy 4.0, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Linux Enterprise Server 15-SP1, SUSE Linux Enterprise Module for Live Patching 15-SP1, SUSE Linux Enterprise High Performance Computing 15-SP1, SUSE Linux Enterprise High Availability 15-SP1, SUSE Enterprise Storage 6, SUSE CaaS Platform 4.0.
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
Please install the updated package(s).