SUSE-SU-2021:2409-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2021/suse-su-20212409-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:2409-1.json

JSON Data

https://api.test.osv.dev/v1/vulns/SUSE-SU-2021:2409-1

Upstream

CVE-2021-22555

CVE-2021-33909

Related

Published

2021-07-20T12:40:51Z

Modified

2025-05-08T17:16:33.286253Z

Summary

Security update for the Linux Kernel

Details

The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2021-22555: A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c (bnc#1188116 ).
CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to obtain full root privileges (bsc#1188062).

The following non-security bugs were fixed:

ceph: must hold snap_rwsem when filling inode for async create (bsc#1187927).
cgroup1: do not allow '\n' in renaming (bsc#1187972).
qla2xxx: synchronize rport devlosstmo setting (bsc#1182470 bsc#1185486).
scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1187980).
usb: dwc3: Fix debugfs creation flow (git-fixes).
x86/pkru: Write hardware init value to PKRU when xstate is init (bsc#1152489).
x86/process: Check PF_KTHREAD and not current->mm for kernel threads (bsc#1152489).

References

Affected packages

SUSE:Linux Enterprise Module for Public Cloud 15 SP3

kernel-azure

Package

Name: kernel-azure
Purl: pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.18-38.14.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-azure": "5.3.18-38.14.1",
            "kernel-azure": "5.3.18-38.14.1",
            "kernel-azure-devel": "5.3.18-38.14.1",
            "kernel-devel-azure": "5.3.18-38.14.1",
            "kernel-syms-azure": "5.3.18-38.14.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:2409-1.json"

kernel-source-azure

Package

Name: kernel-source-azure
Purl: pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.18-38.14.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-azure": "5.3.18-38.14.1",
            "kernel-azure": "5.3.18-38.14.1",
            "kernel-azure-devel": "5.3.18-38.14.1",
            "kernel-devel-azure": "5.3.18-38.14.1",
            "kernel-syms-azure": "5.3.18-38.14.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:2409-1.json"

kernel-syms-azure

Package

Name: kernel-syms-azure
Purl: pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.18-38.14.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-azure": "5.3.18-38.14.1",
            "kernel-azure": "5.3.18-38.14.1",
            "kernel-azure-devel": "5.3.18-38.14.1",
            "kernel-devel-azure": "5.3.18-38.14.1",
            "kernel-syms-azure": "5.3.18-38.14.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:2409-1.json"