SUSE: Security Advisory (SUSE-SU-2021:3748-1)

The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2021:3748-1 advisory.

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets, which may have allowed the kernel to read uninitialized memory (bsc#1188563). CVE-2021-3715: Fixed a use-after-free in route4_change() in net/sched/cls_route.c (bsc#1190349). CVE-2021-33033: Fixed a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled (bsc#1186109). CVE-2021-3760: Fixed a use-after-free vulnerability with the ndev->rf_conn_info object (bsc#1190067). CVE-2021-42739: The firewire subsystem had a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled bounds checking (bsc#1184673). CVE-2021-3542: Fixed heap buffer overflow in firedtv driver (bsc#1186063). CVE-2021-34556: Fixed side-channel attack via a Speculative Store Bypass via unprivileged BPF program that could have obtain sensitive information from kernel memory (bsc#1188983). CVE-2021-35477: Fixed BPF stack frame pointer which could have been abused to disclose content of arbitrary kernel memory (bsc#1188985). CVE-2021-42252: Fixed an issue inside aspeed_lpc_ctrl_mmap that could have allowed local attackers to access the Aspeed LPC control interface to overwrite memory in the kernel and potentially execute privileges (bnc#1190479). CVE-2021-41864: Fixed prealloc_elems_and_freelist that allowed unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write (bnc#1191317). CVE-2021-42008: Fixed a slab out-of-bounds write in the decode_data function in drivers/net/hamradio/6pack.c. Input from a process that had the CAP_NET_ADMIN capability could have lead to root access (bsc#1191315). CVE-2021-37159: Fixed use-after-free and a double free inside hso_free_net_device in drivers/net/usb/hso.c when unregister_netdev is called without checking for the NETREG_REGISTERED state (bnc#1188601). The following non-security bugs were fixed: IB/hfi1: Fix abba locking issue with sc_disable() (git-fixes) KVM: PPC: Book3S HV: Save host FSCR in the P7/8 path (bsc#1065729). NFS: Do uncached readdir when we're seeking a cookie in an empty page cache (bsc#1191628). NFS: Fix backport error - dir_cookie is a pointer to a u64, not a u64. PM: base: power: do not try to use non-existing RTC for storing data (git-fixes). SMB3.1.1: Fix ids returned in POSIX query dir (bsc#1190317). SMB3.1.1: do not log warning message if server does not populate salt (bsc#1190317). SMB3.1.1: fix mount failure to some servers when compression enabled (bsc#1190317). SMB3.1.1: remove confusing mount warning when no SPNEGO info on negprot rsp (bsc#1190317). SMB3.1.1: update comments ... [Please see the references for more information on the vulnerabilities]

'Linux Kernel' package(s) on SUSE Linux Enterprise High Availability 12-SP5, SUSE Linux Enterprise Live Patching 12-SP5, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Workstation Extension 12-SP5.

Checks if a vulnerable package version is present on the target host.

Please install the updated package(s).