SUSE-SU-2021:14849-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:14849-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2021:14849-1
- Related
- Published
- 2021-12-01T16:01:25Z
- Modified
- 2021-12-01T16:01:25Z
- Summary
- Security update for the Linux Kernel
- Details
-
The SUSE Linux Enterprise 11 SP4 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-37159: hsofreenetdevice in drivers/net/usb/hso.c called unregisternetdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free (bnc#1188601).
- CVE-2021-3772: Fixed sctp vtag check in sctpsfootb (bsc#1190351).
- CVE-2021-3655: Missing size validations on inbound SCTP packets may have allowed the kernel to read uninitialized memory (bnc#1188563 bnc#1192267).
- CVE-2014-7841: The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation, when ASCONF is used, allowed remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk (bnc#904899 bnc#905100).
- CVE-2021-20265: A flaw was found in the way memory resources were freed in the unixstreamrecvmsg function when a signal was pending. This flaw allowed an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability (bnc#1183089).
- CVE-2021-42739: The firewire subsystem had a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avccapmt mishandled bounds checking (bnc#1184673 bnc#1192036).
- CVE-2021-33033: The Linux kernel has a use-after-free in cipsov4genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value (bnc#1186109 bnc#1188876).
- CVE-2021-43389: There was an array-index-out-of-bounds flaw in the detachcapictr function in drivers/isdn/capi/kcapi.c (bnc#1191958).
- CVE-2021-42008: The decodedata function in drivers/net/hamradio/6pack.c had a slab out-of-bounds write. Input from a process that has the CAPNET_ADMIN capability can lead to root access (bnc#1191315).
- CVE-2021-38160: Data corruption or loss could be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/char/virtio_console.c (bsc#1190117)
- CVE-2021-3640: Fixed a Use-After-Free vulnerability in function scosocksendmsg() in the bluetooth stack (bsc#1188172).
- CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h incorrectly computed the access permissions of a shadow page, leading to a missing guest protection page fault (bnc#1189262).
- CVE-2021-3653: A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the 'int_ctl' field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. (bnc#1189399).
- CVE-2021-3679: A lack of CPU resource in the Linux kernel tracing module functionality was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAPSYSADMIN capability) could use this flaw to starve the resources causing denial of service (bnc#1189057).
- CVE-2021-3609: A potential local privilege escalation in the CAN BCM networking protocol was fixed (bsc#1187215).
- CVE-2020-36385: drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctxlist in some ucmamigrateid situations where ucmaclose is called, aka CID-f5449e74802c (bnc#1187050).
The following non-security bugs were fixed:
- sctp: check asoc peer.asconf_capable before processing asconf (bsc#1190351).
- sctp: fully initialize v4 addr in some functions (bsc#1188563).
- sctp: simplify addr copy (bsc#1188563).
- References
-
- https://www.suse.com/support/update/announcement/2021/suse-su-202114849-1/
- https://bugzilla.suse.com/1183089
- https://bugzilla.suse.com/1184673
- https://bugzilla.suse.com/1186109
- https://bugzilla.suse.com/1187050
- https://bugzilla.suse.com/1187215
- https://bugzilla.suse.com/1188172
- https://bugzilla.suse.com/1188563
- https://bugzilla.suse.com/1188601
- https://bugzilla.suse.com/1188876
- https://bugzilla.suse.com/1189057
- https://bugzilla.suse.com/1189262
- https://bugzilla.suse.com/1189399
- https://bugzilla.suse.com/1190117
- https://bugzilla.suse.com/1190351
- https://bugzilla.suse.com/1191315
- https://bugzilla.suse.com/1191660
- https://bugzilla.suse.com/1191958
- https://bugzilla.suse.com/1192036
- https://bugzilla.suse.com/1192267
- https://bugzilla.suse.com/904899
- https://bugzilla.suse.com/905100
- https://www.suse.com/security/cve/CVE-2014-7841
- https://www.suse.com/security/cve/CVE-2020-36385
- https://www.suse.com/security/cve/CVE-2021-20265
- https://www.suse.com/security/cve/CVE-2021-33033
- https://www.suse.com/security/cve/CVE-2021-3542
- https://www.suse.com/security/cve/CVE-2021-3609
- https://www.suse.com/security/cve/CVE-2021-3640
- https://www.suse.com/security/cve/CVE-2021-3653
- https://www.suse.com/security/cve/CVE-2021-3655
- https://www.suse.com/security/cve/CVE-2021-3679
- https://www.suse.com/security/cve/CVE-2021-37159
- https://www.suse.com/security/cve/CVE-2021-3772
- https://www.suse.com/security/cve/CVE-2021-38160
- https://www.suse.com/security/cve/CVE-2021-38198
- https://www.suse.com/security/cve/CVE-2021-42008
- https://www.suse.com/security/cve/CVE-2021-42739
- https://www.suse.com/security/cve/CVE-2021-43389
Affected packages
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-bigmem
Package
- Name
- kernel-bigmem
- Purl
- purl:rpm/suse/kernel-bigmem&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.132.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.132.1",
"kernel-default-man": "3.0.101-108.132.1",
"kernel-ec2": "3.0.101-108.132.1",
"kernel-default": "3.0.101-108.132.1",
"kernel-source": "3.0.101-108.132.1",
"kernel-bigmem": "3.0.101-108.132.1",
"kernel-pae-base": "3.0.101-108.132.1",
"kernel-syms": "3.0.101-108.132.1",
"kernel-bigmem-base": "3.0.101-108.132.1",
"kernel-pae": "3.0.101-108.132.1",
"kernel-ppc64-devel": "3.0.101-108.132.1",
"kernel-ec2-devel": "3.0.101-108.132.1",
"kernel-ppc64-base": "3.0.101-108.132.1",
"kernel-trace-devel": "3.0.101-108.132.1",
"kernel-trace": "3.0.101-108.132.1",
"kernel-ec2-base": "3.0.101-108.132.1",
"kernel-ppc64": "3.0.101-108.132.1",
"kernel-xen-base": "3.0.101-108.132.1",
"kernel-xen-devel": "3.0.101-108.132.1",
"kernel-bigmem-devel": "3.0.101-108.132.1",
"kernel-trace-base": "3.0.101-108.132.1",
"kernel-default-devel": "3.0.101-108.132.1",
"kernel-pae-devel": "3.0.101-108.132.1",
"kernel-xen": "3.0.101-108.132.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-default
Package
- Name
- kernel-default
- Purl
- purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.132.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.132.1",
"kernel-default-man": "3.0.101-108.132.1",
"kernel-ec2": "3.0.101-108.132.1",
"kernel-default": "3.0.101-108.132.1",
"kernel-source": "3.0.101-108.132.1",
"kernel-bigmem": "3.0.101-108.132.1",
"kernel-pae-base": "3.0.101-108.132.1",
"kernel-syms": "3.0.101-108.132.1",
"kernel-bigmem-base": "3.0.101-108.132.1",
"kernel-pae": "3.0.101-108.132.1",
"kernel-ppc64-devel": "3.0.101-108.132.1",
"kernel-ec2-devel": "3.0.101-108.132.1",
"kernel-ppc64-base": "3.0.101-108.132.1",
"kernel-trace-devel": "3.0.101-108.132.1",
"kernel-trace": "3.0.101-108.132.1",
"kernel-ec2-base": "3.0.101-108.132.1",
"kernel-ppc64": "3.0.101-108.132.1",
"kernel-xen-base": "3.0.101-108.132.1",
"kernel-xen-devel": "3.0.101-108.132.1",
"kernel-bigmem-devel": "3.0.101-108.132.1",
"kernel-trace-base": "3.0.101-108.132.1",
"kernel-default-devel": "3.0.101-108.132.1",
"kernel-pae-devel": "3.0.101-108.132.1",
"kernel-xen": "3.0.101-108.132.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-ec2
Package
- Name
- kernel-ec2
- Purl
- purl:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.132.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.132.1",
"kernel-default-man": "3.0.101-108.132.1",
"kernel-ec2": "3.0.101-108.132.1",
"kernel-default": "3.0.101-108.132.1",
"kernel-source": "3.0.101-108.132.1",
"kernel-bigmem": "3.0.101-108.132.1",
"kernel-pae-base": "3.0.101-108.132.1",
"kernel-syms": "3.0.101-108.132.1",
"kernel-bigmem-base": "3.0.101-108.132.1",
"kernel-pae": "3.0.101-108.132.1",
"kernel-ppc64-devel": "3.0.101-108.132.1",
"kernel-ec2-devel": "3.0.101-108.132.1",
"kernel-ppc64-base": "3.0.101-108.132.1",
"kernel-trace-devel": "3.0.101-108.132.1",
"kernel-trace": "3.0.101-108.132.1",
"kernel-ec2-base": "3.0.101-108.132.1",
"kernel-ppc64": "3.0.101-108.132.1",
"kernel-xen-base": "3.0.101-108.132.1",
"kernel-xen-devel": "3.0.101-108.132.1",
"kernel-bigmem-devel": "3.0.101-108.132.1",
"kernel-trace-base": "3.0.101-108.132.1",
"kernel-default-devel": "3.0.101-108.132.1",
"kernel-pae-devel": "3.0.101-108.132.1",
"kernel-xen": "3.0.101-108.132.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-pae
Package
- Name
- kernel-pae
- Purl
- purl:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.132.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.132.1",
"kernel-default-man": "3.0.101-108.132.1",
"kernel-ec2": "3.0.101-108.132.1",
"kernel-default": "3.0.101-108.132.1",
"kernel-source": "3.0.101-108.132.1",
"kernel-bigmem": "3.0.101-108.132.1",
"kernel-pae-base": "3.0.101-108.132.1",
"kernel-syms": "3.0.101-108.132.1",
"kernel-bigmem-base": "3.0.101-108.132.1",
"kernel-pae": "3.0.101-108.132.1",
"kernel-ppc64-devel": "3.0.101-108.132.1",
"kernel-ec2-devel": "3.0.101-108.132.1",
"kernel-ppc64-base": "3.0.101-108.132.1",
"kernel-trace-devel": "3.0.101-108.132.1",
"kernel-trace": "3.0.101-108.132.1",
"kernel-ec2-base": "3.0.101-108.132.1",
"kernel-ppc64": "3.0.101-108.132.1",
"kernel-xen-base": "3.0.101-108.132.1",
"kernel-xen-devel": "3.0.101-108.132.1",
"kernel-bigmem-devel": "3.0.101-108.132.1",
"kernel-trace-base": "3.0.101-108.132.1",
"kernel-default-devel": "3.0.101-108.132.1",
"kernel-pae-devel": "3.0.101-108.132.1",
"kernel-xen": "3.0.101-108.132.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-ppc64
Package
- Name
- kernel-ppc64
- Purl
- purl:rpm/suse/kernel-ppc64&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.132.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.132.1",
"kernel-default-man": "3.0.101-108.132.1",
"kernel-ec2": "3.0.101-108.132.1",
"kernel-default": "3.0.101-108.132.1",
"kernel-source": "3.0.101-108.132.1",
"kernel-bigmem": "3.0.101-108.132.1",
"kernel-pae-base": "3.0.101-108.132.1",
"kernel-syms": "3.0.101-108.132.1",
"kernel-bigmem-base": "3.0.101-108.132.1",
"kernel-pae": "3.0.101-108.132.1",
"kernel-ppc64-devel": "3.0.101-108.132.1",
"kernel-ec2-devel": "3.0.101-108.132.1",
"kernel-ppc64-base": "3.0.101-108.132.1",
"kernel-trace-devel": "3.0.101-108.132.1",
"kernel-trace": "3.0.101-108.132.1",
"kernel-ec2-base": "3.0.101-108.132.1",
"kernel-ppc64": "3.0.101-108.132.1",
"kernel-xen-base": "3.0.101-108.132.1",
"kernel-xen-devel": "3.0.101-108.132.1",
"kernel-bigmem-devel": "3.0.101-108.132.1",
"kernel-trace-base": "3.0.101-108.132.1",
"kernel-default-devel": "3.0.101-108.132.1",
"kernel-pae-devel": "3.0.101-108.132.1",
"kernel-xen": "3.0.101-108.132.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-source
Package
- Name
- kernel-source
- Purl
- purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.132.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.132.1",
"kernel-default-man": "3.0.101-108.132.1",
"kernel-ec2": "3.0.101-108.132.1",
"kernel-default": "3.0.101-108.132.1",
"kernel-source": "3.0.101-108.132.1",
"kernel-bigmem": "3.0.101-108.132.1",
"kernel-pae-base": "3.0.101-108.132.1",
"kernel-syms": "3.0.101-108.132.1",
"kernel-bigmem-base": "3.0.101-108.132.1",
"kernel-pae": "3.0.101-108.132.1",
"kernel-ppc64-devel": "3.0.101-108.132.1",
"kernel-ec2-devel": "3.0.101-108.132.1",
"kernel-ppc64-base": "3.0.101-108.132.1",
"kernel-trace-devel": "3.0.101-108.132.1",
"kernel-trace": "3.0.101-108.132.1",
"kernel-ec2-base": "3.0.101-108.132.1",
"kernel-ppc64": "3.0.101-108.132.1",
"kernel-xen-base": "3.0.101-108.132.1",
"kernel-xen-devel": "3.0.101-108.132.1",
"kernel-bigmem-devel": "3.0.101-108.132.1",
"kernel-trace-base": "3.0.101-108.132.1",
"kernel-default-devel": "3.0.101-108.132.1",
"kernel-pae-devel": "3.0.101-108.132.1",
"kernel-xen": "3.0.101-108.132.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-syms
Package
- Name
- kernel-syms
- Purl
- purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.132.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.132.1",
"kernel-default-man": "3.0.101-108.132.1",
"kernel-ec2": "3.0.101-108.132.1",
"kernel-default": "3.0.101-108.132.1",
"kernel-source": "3.0.101-108.132.1",
"kernel-bigmem": "3.0.101-108.132.1",
"kernel-pae-base": "3.0.101-108.132.1",
"kernel-syms": "3.0.101-108.132.1",
"kernel-bigmem-base": "3.0.101-108.132.1",
"kernel-pae": "3.0.101-108.132.1",
"kernel-ppc64-devel": "3.0.101-108.132.1",
"kernel-ec2-devel": "3.0.101-108.132.1",
"kernel-ppc64-base": "3.0.101-108.132.1",
"kernel-trace-devel": "3.0.101-108.132.1",
"kernel-trace": "3.0.101-108.132.1",
"kernel-ec2-base": "3.0.101-108.132.1",
"kernel-ppc64": "3.0.101-108.132.1",
"kernel-xen-base": "3.0.101-108.132.1",
"kernel-xen-devel": "3.0.101-108.132.1",
"kernel-bigmem-devel": "3.0.101-108.132.1",
"kernel-trace-base": "3.0.101-108.132.1",
"kernel-default-devel": "3.0.101-108.132.1",
"kernel-pae-devel": "3.0.101-108.132.1",
"kernel-xen": "3.0.101-108.132.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-trace
Package
- Name
- kernel-trace
- Purl
- purl:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.132.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.132.1",
"kernel-default-man": "3.0.101-108.132.1",
"kernel-ec2": "3.0.101-108.132.1",
"kernel-default": "3.0.101-108.132.1",
"kernel-source": "3.0.101-108.132.1",
"kernel-bigmem": "3.0.101-108.132.1",
"kernel-pae-base": "3.0.101-108.132.1",
"kernel-syms": "3.0.101-108.132.1",
"kernel-bigmem-base": "3.0.101-108.132.1",
"kernel-pae": "3.0.101-108.132.1",
"kernel-ppc64-devel": "3.0.101-108.132.1",
"kernel-ec2-devel": "3.0.101-108.132.1",
"kernel-ppc64-base": "3.0.101-108.132.1",
"kernel-trace-devel": "3.0.101-108.132.1",
"kernel-trace": "3.0.101-108.132.1",
"kernel-ec2-base": "3.0.101-108.132.1",
"kernel-ppc64": "3.0.101-108.132.1",
"kernel-xen-base": "3.0.101-108.132.1",
"kernel-xen-devel": "3.0.101-108.132.1",
"kernel-bigmem-devel": "3.0.101-108.132.1",
"kernel-trace-base": "3.0.101-108.132.1",
"kernel-default-devel": "3.0.101-108.132.1",
"kernel-pae-devel": "3.0.101-108.132.1",
"kernel-xen": "3.0.101-108.132.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-xen
Package
- Name
- kernel-xen
- Purl
- purl:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.132.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.132.1",
"kernel-default-man": "3.0.101-108.132.1",
"kernel-ec2": "3.0.101-108.132.1",
"kernel-default": "3.0.101-108.132.1",
"kernel-source": "3.0.101-108.132.1",
"kernel-bigmem": "3.0.101-108.132.1",
"kernel-pae-base": "3.0.101-108.132.1",
"kernel-syms": "3.0.101-108.132.1",
"kernel-bigmem-base": "3.0.101-108.132.1",
"kernel-pae": "3.0.101-108.132.1",
"kernel-ppc64-devel": "3.0.101-108.132.1",
"kernel-ec2-devel": "3.0.101-108.132.1",
"kernel-ppc64-base": "3.0.101-108.132.1",
"kernel-trace-devel": "3.0.101-108.132.1",
"kernel-trace": "3.0.101-108.132.1",
"kernel-ec2-base": "3.0.101-108.132.1",
"kernel-ppc64": "3.0.101-108.132.1",
"kernel-xen-base": "3.0.101-108.132.1",
"kernel-xen-devel": "3.0.101-108.132.1",
"kernel-bigmem-devel": "3.0.101-108.132.1",
"kernel-trace-base": "3.0.101-108.132.1",
"kernel-default-devel": "3.0.101-108.132.1",
"kernel-pae-devel": "3.0.101-108.132.1",
"kernel-xen": "3.0.101-108.132.1"
}
]
}