SUSE-SU-2021:0809-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:0809-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2021:0809-1
- Related
- Published
- 2021-03-17T16:24:32Z
- Modified
- 2021-03-17T16:24:32Z
- Summary
- Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP1)
- Details
-
This update for the Linux Kernel 4.12.14-197_78 fixes several issues.
The following security issues were fixed:
- CVE-2020-29368: Fixed an issue in copy-on-write implementation which could have granted unintended write access because of a race condition in a THP mapcount check (bsc#1179664).
- CVE-2021-3347: Fixed a use-after-free in the PI futexes during fault handling, allowing local users to execute code in the kernel (bsc#1181553).
- CVE-2020-27786: Fixed a potential user after free which could have led to memory corruption or privilege escalation (bsc#1179616).
- CVE-2021-0342: Fixed a potential memory corruption due to a use after free which could have led to local escalation of privilege with System execution privileges required (bsc#1180859).
- References
-
- https://www.suse.com/support/update/announcement/2021/suse-su-20210809-1/
- https://bugzilla.suse.com/1179616
- https://bugzilla.suse.com/1179664
- https://bugzilla.suse.com/1180859
- https://bugzilla.suse.com/1181553
- https://www.suse.com/security/cve/CVE-2020-27786
- https://www.suse.com/security/cve/CVE-2020-29368
- https://www.suse.com/security/cve/CVE-2021-0342
- https://www.suse.com/security/cve/CVE-2021-3347
Affected packages
SUSE:Linux Enterprise Live Patching 12 SP5 / kgraft-patch-SLE12-SP5_Update_14
Package
- Name
- kgraft-patch-SLE12-SP5_Update_14
- Purl
- purl:rpm/suse/kgraft-patch-SLE12-SP5_Update_14&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5