Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

SUSE: Security Advisory (SUSE-SU-2021:3389-1)

Information

Severity

Severity

Medium

Family

Family

SuSE Local Security Checks

CVSSv2 Base

CVSSv2 Base

4.4

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:M/Au:N/C:P/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

2 years ago

Modified

Modified

2 years ago

Summary

The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2021:3389-1 advisory.

Insight

Insight

The SUSE Linux Enterprise 12 SP5 kernel was updated. The following security bugs were fixed: CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure. (bnc#1191193) CVE-2021-3752: Fixed a use after free vulnerability in the Linux kernel's bluetooth module. (bsc#1190023) CVE-2021-40490: Fixed a race condition discovered in the ext4 subsystem that could lead to local privilege escalation. (bnc#1190159) CVE-2021-3744: Fixed a bug which could allows attackers to cause a denial of service. (bsc#1189884) CVE-2021-3764: Fixed a bug which could allows attackers to cause a denial of service. (bsc#1190534) The following non-security bugs were fixed: be2net: Fix an error handling path in 'be_probe()' (git-fixes). bnx2x: fix an error code in bnx2x_nic_load() (git-fixes). bnxt_en: Add missing DMA memory barriers (git-fixes). bnxt_en: do not disable an already disabled PCI device (git-fixes). bnxt: disable napi before canceling DIM (bsc#1104745 ). btrfs: prevent rename2 from exchanging a subvol with a directory from different parents (bsc#1190626). clk: at91: clk-generated: Limit the requested rate to our range (git-fixes). clk: kirkwood: Fix a clocking boot regression (git-fixes). crypto: x86/aes-ni-xts - use direct calls to and 4-way stride (bsc#1114648). cxgb4: fix IRQ free race during driver unload (git-fixes). debugfs: Return error during {full/open}_proxy_open() on rmmod (bsc#1173746). docs: Fix infiniband uverbs minor number (git-fixes). drm/gma500: Fix end of loop tests for list_for_each_entry (bsc#1129770) Backporting changes: * refresh drm/imx: ipuv3-plane: Remove two unnecessary export symbols (bsc#1129770) Backporting changes: * refreshed drm/mediatek: Add AAL output size configuration (bsc#1129770) Backporting changes: * adapted code to use writel() function drm/msm: Small msm_gem_purge() fix (bsc#1129770) Backporting changes: * context changes in msm_gem_purge() * remove test for non-existent msm_gem_is_locked() drm/msm/dsi: Fix some reference counted resource leaks (bsc#1129770) drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper() (bsc#1186785). drm/rockchip: cdn-dp: fix sign extension on an int multiply for a u64 (bsc#1129770) Backporting changes * context changes dt-bindings: pwm: stm32: Add #pwm-cells (git-fixes). e1000e: Do not take care about recovery NVM checksum (bsc#1158533). e1000e: Fix an error handling path in 'e1000_probe()' (git-fixes). e1000e: Fix the max snoop/no-snoop latency for 10M (git-fixes). EDAC/i10nm: Fix NVDIMM detection (bsc#1114648). fbmem: add margin check to fb_check_caps() (bsc#1129770) Backporting changes: * context chacnges in fb_set_var() Fix build warnings. Also align code ... [Please see the references for more information on the vulnerabilities]

Affected Software

Affected Software

'Linux Kernel' package(s) on SUSE Linux Enterprise Server 12-SP5.

Detection Method

Detection Method

Checks if a vulnerable package version is present on the target host.

Solution

Solution

Please install the updated package(s).

Common Vulnerabilities and Exposures (CVE)