SUSE-SU-2021:3735-1

Import Source

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2021:3735-1

Related

Published

2021-11-19T14:34:58Z

Modified

2021-11-19T14:34:58Z

Summary

Security update for the Linux Kernel (Live Patch 22 for SLE 15)

Details

This update for the Linux Kernel 4.12.14-150_66 fixes several issues.

The following security issues were fixed:

CVE-2021-0935: Fixed use after free that could lead to local escalation of privilege in ip6xmit of ip6output.c (bsc#1192042).
CVE-2021-3752: Fixed vulnerability in the linux kernel Bluetooth uaf module (bsc#1190432).
CVE-2021-41864: Fixed an integer overflow with a resultant out-of-bounds write in preallocelemsand_freelist in kernel/bpf/stackmap.c (bsc#1191318).

References

Affected packages

Name: kgraft-patch-SLE12-SP4_Update_20
Purl: purl:rpm/suse/kgraft-patch-SLE12-SP4_Update_20&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP4

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8-2.2

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-95_74-default": "8-2.2"
        }
    ]
}

Name: kgraft-patch-SLE12-SP5_Update_15
Purl: purl:rpm/suse/kgraft-patch-SLE12-SP5_Update_15&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

12-2.2

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-122_60-default": "12-2.2"
        }
    ]
}

Name: kernel-livepatch-SLE15_Update_22
Purl: purl:rpm/suse/kernel-livepatch-SLE15_Update_22&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

12-2.2

{
    "binaries": [
        {
            "kernel-livepatch-4_12_14-150_66-default": "12-2.2"
        }
    ]
}