SUSE-SU-2021:3735-1

CVE-2021-0935: Fixed use after free that could lead to local escalation of privilege in ip6xmit of ip6output.c (bsc#1192042).
CVE-2021-3752: Fixed vulnerability in the linux kernel Bluetooth uaf module (bsc#1190432).
CVE-2021-41864: Fixed an integer overflow with a resultant out-of-bounds write in preallocelemsand_freelist in kernel/bpf/stackmap.c (bsc#1191318).

References

Affected packages

SUSE:Linux Enterprise Live Patching 12 SP4

kgraft-patch-SLE12-SP4_Update_20

Name: kgraft-patch-SLE12-SP4_Update_20
Purl: pkg:rpm/suse/kgraft-patch-SLE12-SP4_Update_20&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP4

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8-2.2

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-95_74-default": "8-2.2"
        }
    ]
}

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:3735-1.json"

SUSE:Linux Enterprise Live Patching 12 SP5

kgraft-patch-SLE12-SP5_Update_15

Name: kgraft-patch-SLE12-SP5_Update_15
Purl: pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_15&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

12-2.2

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-122_60-default": "12-2.2"
        }
    ]
}

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:3735-1.json"

SUSE:Linux Enterprise Live Patching 15

kernel-livepatch-SLE15_Update_22

Name: kernel-livepatch-SLE15_Update_22
Purl: pkg:rpm/suse/kernel-livepatch-SLE15_Update_22&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

12-2.2

{
    "binaries": [
        {
            "kernel-livepatch-4_12_14-150_66-default": "12-2.2"
        }
    ]
}

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:3735-1.json"