SUSE: Security Advisory (SUSE-SU-2021:2416-1)

Information

Severity

High

Family

SuSE Local Security Checks

CVSSv2 Base

7.2

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Vendor Patch

Created

2 years ago

Modified

2 years ago

Summary

The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2021:2416-1 advisory.

Insight

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

CVE-2021-22555: Fixed a heap out-of-bounds write in net/netfilter/x_tables.c that could allow local privilege escalation. (bsc#1188116)
CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows obtaining full root privileges. (bsc#1188062)
CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)
CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allow a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation. (bsc#1187050)

The following non-security bugs were fixed:

ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (git-fixes).
arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (git-fixes).
ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
ata: ahci_sunxi: Disable DIPM (git-fixes).
ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
brcmfmac: correctly report average RSSI in station info (git-fixes).
brcmfmac: fix setting of station info chains bitmask (git-fixes).
brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
crypto: cavium/nitrox - Fix an error rhandling path in 'nitrox_probe()' (git-fixes).
cxgb4: fix wrong shift (git-fixes).
drm: qxl: ensure surf.data is ininitialized (git-fixes).
drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
drm/radeon: wait for moving fence after pinning (git-fixes).
drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
extcon: max8997: Add missing modalias string (git-fixes).
extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
fuse: check connected before queueing... [Please see the references for more information on the vulnerabilities]

Affected Software

'Linux Kernel' package(s) on SUSE Linux Enterprise Workstation Extension 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Live Patching 12-SP5, SUSE Linux Enterprise High Availability 12-SP5

Detection Method

Checks if a vulnerable package version is present on the target host.

Solution

Please install the updated package(s).

Common Vulnerabilities and Exposures (CVE)