SUSE-SU-2021:14764-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:14764-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2021:14764-1
- Related
- Published
- 2021-07-13T07:46:15Z
- Modified
- 2021-07-13T07:46:15Z
- Summary
- Security update for the Linux Kernel
- Details
-
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-0512: Fixed a possible out of bounds write due to a heap buffer overflow in _hidinputchangeresolutionmultipliers. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bsc#1187595)
- CVE-2021-34693: Fixed a bug in net/can/bcm.c which could allow local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. (bsc#1187452)
- CVE-2020-36386: Fixed an out-of-bounds read in hciextendedinquiryresultevt. (bsc#1187038)
- CVE-2020-24588: Fixed a bug that could allow an adversary to abuse devices that support receiving non-SSP A-MSDU frames to inject arbitrary network packets. (bsc#1185861 bsc#1185863)
- CVE-2021-29154: Fixed an incorrect computation of branch displacements in the BPF JIT compilers, which could allow to execute arbitrary code within the kernel context. (bsc#1184391)
- CVE-2021-32399: Fixed a race condition in net/bluetooth/hci_request.c for removal of the HCI controller. (bsc#1184611)
- CVE-2020-24586: Fixed a bug that, under the right circumstances, allows to inject arbitrary network packets and/or exfiltrate user data when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP. (bsc#1185859 bsc#1185863)
- CVE-2020-26139: Fixed a bug that allows an Access Point (AP) to forward EAPOL frames to other clients even though the sender has not yet successfully authenticated. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and made it easier to exploit other vulnerabilities in connected clients. (bsc#1185863 bsc#1186062)
- CVE-2020-24587: Fixed a bug that allows an adversary to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed. (bsc#1185862 bsc#1185863)
The following non-security bugs were fixed:
- md: do not flush workqueue unconditionally in md_open (bsc#1184081).
- md: factor out a mddevfindlocked helper from mddev_find (bsc#1184081).
- md: md_open returns -EBUSY when entering racing area (bsc#1184081).
- md: split mddev_find (bsc#1184081).
- References
-
- https://www.suse.com/support/update/announcement/2021/suse-su-202114764-1/
- https://bugzilla.suse.com/1184081
- https://bugzilla.suse.com/1184391
- https://bugzilla.suse.com/1184611
- https://bugzilla.suse.com/1185859
- https://bugzilla.suse.com/1185861
- https://bugzilla.suse.com/1185862
- https://bugzilla.suse.com/1185863
- https://bugzilla.suse.com/1186062
- https://bugzilla.suse.com/1187038
- https://bugzilla.suse.com/1187452
- https://bugzilla.suse.com/1187595
- https://www.suse.com/security/cve/CVE-2020-24586
- https://www.suse.com/security/cve/CVE-2020-24587
- https://www.suse.com/security/cve/CVE-2020-24588
- https://www.suse.com/security/cve/CVE-2020-26139
- https://www.suse.com/security/cve/CVE-2020-36386
- https://www.suse.com/security/cve/CVE-2021-0512
- https://www.suse.com/security/cve/CVE-2021-29154
- https://www.suse.com/security/cve/CVE-2021-32399
- https://www.suse.com/security/cve/CVE-2021-34693
Affected packages
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-bigmem
Package
- Name
- kernel-bigmem
- Purl
- purl:rpm/suse/kernel-bigmem&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.129.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.129.1",
"kernel-default-man": "3.0.101-108.129.1",
"kernel-ec2": "3.0.101-108.129.1",
"kernel-default": "3.0.101-108.129.1",
"kernel-source": "3.0.101-108.129.1",
"kernel-bigmem": "3.0.101-108.129.1",
"kernel-pae-base": "3.0.101-108.129.1",
"kernel-syms": "3.0.101-108.129.1",
"kernel-bigmem-base": "3.0.101-108.129.1",
"kernel-pae": "3.0.101-108.129.1",
"kernel-ppc64-devel": "3.0.101-108.129.1",
"kernel-ec2-devel": "3.0.101-108.129.1",
"kernel-ppc64-base": "3.0.101-108.129.1",
"kernel-trace-devel": "3.0.101-108.129.1",
"kernel-trace": "3.0.101-108.129.1",
"kernel-ec2-base": "3.0.101-108.129.1",
"kernel-ppc64": "3.0.101-108.129.1",
"kernel-xen-base": "3.0.101-108.129.1",
"kernel-xen-devel": "3.0.101-108.129.1",
"kernel-bigmem-devel": "3.0.101-108.129.1",
"kernel-trace-base": "3.0.101-108.129.1",
"kernel-default-devel": "3.0.101-108.129.1",
"kernel-pae-devel": "3.0.101-108.129.1",
"kernel-xen": "3.0.101-108.129.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-default
Package
- Name
- kernel-default
- Purl
- purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.129.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.129.1",
"kernel-default-man": "3.0.101-108.129.1",
"kernel-ec2": "3.0.101-108.129.1",
"kernel-default": "3.0.101-108.129.1",
"kernel-source": "3.0.101-108.129.1",
"kernel-bigmem": "3.0.101-108.129.1",
"kernel-pae-base": "3.0.101-108.129.1",
"kernel-syms": "3.0.101-108.129.1",
"kernel-bigmem-base": "3.0.101-108.129.1",
"kernel-pae": "3.0.101-108.129.1",
"kernel-ppc64-devel": "3.0.101-108.129.1",
"kernel-ec2-devel": "3.0.101-108.129.1",
"kernel-ppc64-base": "3.0.101-108.129.1",
"kernel-trace-devel": "3.0.101-108.129.1",
"kernel-trace": "3.0.101-108.129.1",
"kernel-ec2-base": "3.0.101-108.129.1",
"kernel-ppc64": "3.0.101-108.129.1",
"kernel-xen-base": "3.0.101-108.129.1",
"kernel-xen-devel": "3.0.101-108.129.1",
"kernel-bigmem-devel": "3.0.101-108.129.1",
"kernel-trace-base": "3.0.101-108.129.1",
"kernel-default-devel": "3.0.101-108.129.1",
"kernel-pae-devel": "3.0.101-108.129.1",
"kernel-xen": "3.0.101-108.129.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-ec2
Package
- Name
- kernel-ec2
- Purl
- purl:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.129.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.129.1",
"kernel-default-man": "3.0.101-108.129.1",
"kernel-ec2": "3.0.101-108.129.1",
"kernel-default": "3.0.101-108.129.1",
"kernel-source": "3.0.101-108.129.1",
"kernel-bigmem": "3.0.101-108.129.1",
"kernel-pae-base": "3.0.101-108.129.1",
"kernel-syms": "3.0.101-108.129.1",
"kernel-bigmem-base": "3.0.101-108.129.1",
"kernel-pae": "3.0.101-108.129.1",
"kernel-ppc64-devel": "3.0.101-108.129.1",
"kernel-ec2-devel": "3.0.101-108.129.1",
"kernel-ppc64-base": "3.0.101-108.129.1",
"kernel-trace-devel": "3.0.101-108.129.1",
"kernel-trace": "3.0.101-108.129.1",
"kernel-ec2-base": "3.0.101-108.129.1",
"kernel-ppc64": "3.0.101-108.129.1",
"kernel-xen-base": "3.0.101-108.129.1",
"kernel-xen-devel": "3.0.101-108.129.1",
"kernel-bigmem-devel": "3.0.101-108.129.1",
"kernel-trace-base": "3.0.101-108.129.1",
"kernel-default-devel": "3.0.101-108.129.1",
"kernel-pae-devel": "3.0.101-108.129.1",
"kernel-xen": "3.0.101-108.129.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-pae
Package
- Name
- kernel-pae
- Purl
- purl:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.129.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.129.1",
"kernel-default-man": "3.0.101-108.129.1",
"kernel-ec2": "3.0.101-108.129.1",
"kernel-default": "3.0.101-108.129.1",
"kernel-source": "3.0.101-108.129.1",
"kernel-bigmem": "3.0.101-108.129.1",
"kernel-pae-base": "3.0.101-108.129.1",
"kernel-syms": "3.0.101-108.129.1",
"kernel-bigmem-base": "3.0.101-108.129.1",
"kernel-pae": "3.0.101-108.129.1",
"kernel-ppc64-devel": "3.0.101-108.129.1",
"kernel-ec2-devel": "3.0.101-108.129.1",
"kernel-ppc64-base": "3.0.101-108.129.1",
"kernel-trace-devel": "3.0.101-108.129.1",
"kernel-trace": "3.0.101-108.129.1",
"kernel-ec2-base": "3.0.101-108.129.1",
"kernel-ppc64": "3.0.101-108.129.1",
"kernel-xen-base": "3.0.101-108.129.1",
"kernel-xen-devel": "3.0.101-108.129.1",
"kernel-bigmem-devel": "3.0.101-108.129.1",
"kernel-trace-base": "3.0.101-108.129.1",
"kernel-default-devel": "3.0.101-108.129.1",
"kernel-pae-devel": "3.0.101-108.129.1",
"kernel-xen": "3.0.101-108.129.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-ppc64
Package
- Name
- kernel-ppc64
- Purl
- purl:rpm/suse/kernel-ppc64&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.129.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.129.1",
"kernel-default-man": "3.0.101-108.129.1",
"kernel-ec2": "3.0.101-108.129.1",
"kernel-default": "3.0.101-108.129.1",
"kernel-source": "3.0.101-108.129.1",
"kernel-bigmem": "3.0.101-108.129.1",
"kernel-pae-base": "3.0.101-108.129.1",
"kernel-syms": "3.0.101-108.129.1",
"kernel-bigmem-base": "3.0.101-108.129.1",
"kernel-pae": "3.0.101-108.129.1",
"kernel-ppc64-devel": "3.0.101-108.129.1",
"kernel-ec2-devel": "3.0.101-108.129.1",
"kernel-ppc64-base": "3.0.101-108.129.1",
"kernel-trace-devel": "3.0.101-108.129.1",
"kernel-trace": "3.0.101-108.129.1",
"kernel-ec2-base": "3.0.101-108.129.1",
"kernel-ppc64": "3.0.101-108.129.1",
"kernel-xen-base": "3.0.101-108.129.1",
"kernel-xen-devel": "3.0.101-108.129.1",
"kernel-bigmem-devel": "3.0.101-108.129.1",
"kernel-trace-base": "3.0.101-108.129.1",
"kernel-default-devel": "3.0.101-108.129.1",
"kernel-pae-devel": "3.0.101-108.129.1",
"kernel-xen": "3.0.101-108.129.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-source
Package
- Name
- kernel-source
- Purl
- purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.129.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.129.1",
"kernel-default-man": "3.0.101-108.129.1",
"kernel-ec2": "3.0.101-108.129.1",
"kernel-default": "3.0.101-108.129.1",
"kernel-source": "3.0.101-108.129.1",
"kernel-bigmem": "3.0.101-108.129.1",
"kernel-pae-base": "3.0.101-108.129.1",
"kernel-syms": "3.0.101-108.129.1",
"kernel-bigmem-base": "3.0.101-108.129.1",
"kernel-pae": "3.0.101-108.129.1",
"kernel-ppc64-devel": "3.0.101-108.129.1",
"kernel-ec2-devel": "3.0.101-108.129.1",
"kernel-ppc64-base": "3.0.101-108.129.1",
"kernel-trace-devel": "3.0.101-108.129.1",
"kernel-trace": "3.0.101-108.129.1",
"kernel-ec2-base": "3.0.101-108.129.1",
"kernel-ppc64": "3.0.101-108.129.1",
"kernel-xen-base": "3.0.101-108.129.1",
"kernel-xen-devel": "3.0.101-108.129.1",
"kernel-bigmem-devel": "3.0.101-108.129.1",
"kernel-trace-base": "3.0.101-108.129.1",
"kernel-default-devel": "3.0.101-108.129.1",
"kernel-pae-devel": "3.0.101-108.129.1",
"kernel-xen": "3.0.101-108.129.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-syms
Package
- Name
- kernel-syms
- Purl
- purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.129.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.129.1",
"kernel-default-man": "3.0.101-108.129.1",
"kernel-ec2": "3.0.101-108.129.1",
"kernel-default": "3.0.101-108.129.1",
"kernel-source": "3.0.101-108.129.1",
"kernel-bigmem": "3.0.101-108.129.1",
"kernel-pae-base": "3.0.101-108.129.1",
"kernel-syms": "3.0.101-108.129.1",
"kernel-bigmem-base": "3.0.101-108.129.1",
"kernel-pae": "3.0.101-108.129.1",
"kernel-ppc64-devel": "3.0.101-108.129.1",
"kernel-ec2-devel": "3.0.101-108.129.1",
"kernel-ppc64-base": "3.0.101-108.129.1",
"kernel-trace-devel": "3.0.101-108.129.1",
"kernel-trace": "3.0.101-108.129.1",
"kernel-ec2-base": "3.0.101-108.129.1",
"kernel-ppc64": "3.0.101-108.129.1",
"kernel-xen-base": "3.0.101-108.129.1",
"kernel-xen-devel": "3.0.101-108.129.1",
"kernel-bigmem-devel": "3.0.101-108.129.1",
"kernel-trace-base": "3.0.101-108.129.1",
"kernel-default-devel": "3.0.101-108.129.1",
"kernel-pae-devel": "3.0.101-108.129.1",
"kernel-xen": "3.0.101-108.129.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-trace
Package
- Name
- kernel-trace
- Purl
- purl:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.129.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.129.1",
"kernel-default-man": "3.0.101-108.129.1",
"kernel-ec2": "3.0.101-108.129.1",
"kernel-default": "3.0.101-108.129.1",
"kernel-source": "3.0.101-108.129.1",
"kernel-bigmem": "3.0.101-108.129.1",
"kernel-pae-base": "3.0.101-108.129.1",
"kernel-syms": "3.0.101-108.129.1",
"kernel-bigmem-base": "3.0.101-108.129.1",
"kernel-pae": "3.0.101-108.129.1",
"kernel-ppc64-devel": "3.0.101-108.129.1",
"kernel-ec2-devel": "3.0.101-108.129.1",
"kernel-ppc64-base": "3.0.101-108.129.1",
"kernel-trace-devel": "3.0.101-108.129.1",
"kernel-trace": "3.0.101-108.129.1",
"kernel-ec2-base": "3.0.101-108.129.1",
"kernel-ppc64": "3.0.101-108.129.1",
"kernel-xen-base": "3.0.101-108.129.1",
"kernel-xen-devel": "3.0.101-108.129.1",
"kernel-bigmem-devel": "3.0.101-108.129.1",
"kernel-trace-base": "3.0.101-108.129.1",
"kernel-default-devel": "3.0.101-108.129.1",
"kernel-pae-devel": "3.0.101-108.129.1",
"kernel-xen": "3.0.101-108.129.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-xen
Package
- Name
- kernel-xen
- Purl
- purl:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.129.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.129.1",
"kernel-default-man": "3.0.101-108.129.1",
"kernel-ec2": "3.0.101-108.129.1",
"kernel-default": "3.0.101-108.129.1",
"kernel-source": "3.0.101-108.129.1",
"kernel-bigmem": "3.0.101-108.129.1",
"kernel-pae-base": "3.0.101-108.129.1",
"kernel-syms": "3.0.101-108.129.1",
"kernel-bigmem-base": "3.0.101-108.129.1",
"kernel-pae": "3.0.101-108.129.1",
"kernel-ppc64-devel": "3.0.101-108.129.1",
"kernel-ec2-devel": "3.0.101-108.129.1",
"kernel-ppc64-base": "3.0.101-108.129.1",
"kernel-trace-devel": "3.0.101-108.129.1",
"kernel-trace": "3.0.101-108.129.1",
"kernel-ec2-base": "3.0.101-108.129.1",
"kernel-ppc64": "3.0.101-108.129.1",
"kernel-xen-base": "3.0.101-108.129.1",
"kernel-xen-devel": "3.0.101-108.129.1",
"kernel-bigmem-devel": "3.0.101-108.129.1",
"kernel-trace-base": "3.0.101-108.129.1",
"kernel-default-devel": "3.0.101-108.129.1",
"kernel-pae-devel": "3.0.101-108.129.1",
"kernel-xen": "3.0.101-108.129.1"
}
]
}