Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2021:2560-1 Final 1 1 2021-07-29T11:24:43Z current 2021-07-29T11:24:43Z 2021-07-29T11:24:43Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1) This update for the Linux Kernel 4.12.14-197_56 fixes several issues. The following security issues were fixed: - CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges. (bsc#1188062) - CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116) - CVE-2020-36385: Fixed a use-after-free vulnerability reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called. (bnc#1187050) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2021-2560,SUSE-SLE-Module-Live-Patching-15-SP1-2021-2560,SUSE-SLE-Module-Live-Patching-15-SP1-2021-2561 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2021/suse-su-20212560-1/ Link for SUSE-SU-2021:2560-1 https://lists.suse.com/pipermail/sle-security-updates/2021-July/009230.html E-Mail link for SUSE-SU-2021:2560-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1187052 SUSE Bug 1187052 https://bugzilla.suse.com/1188117 SUSE Bug 1188117 https://bugzilla.suse.com/1188257 SUSE Bug 1188257 https://www.suse.com/security/cve/CVE-2020-36385/ SUSE CVE CVE-2020-36385 page https://www.suse.com/security/cve/CVE-2021-22555/ SUSE CVE CVE-2021-22555 page https://www.suse.com/security/cve/CVE-2021-33909/ SUSE CVE CVE-2021-33909 page SUSE Linux Enterprise Live Patching 15 SP1 kernel-livepatch-4_12_14-197_83-default-8-2.2 kernel-livepatch-4_12_14-197_56-default-12-2.2 kernel-livepatch-4_12_14-197_83-default-8-2.2 as a component of SUSE Linux Enterprise Live Patching 15 SP1 kernel-livepatch-4_12_14-197_56-default-12-2.2 as a component of SUSE Linux Enterprise Live Patching 15 SP1 An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c. CVE-2020-36385 SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_56-default-12-2.2 SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_83-default-8-2.2 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20212560-1/ https://www.suse.com/security/cve/CVE-2020-36385.html CVE-2020-36385 https://bugzilla.suse.com/1187050 SUSE Bug 1187050 https://bugzilla.suse.com/1187052 SUSE Bug 1187052 https://bugzilla.suse.com/1189302 SUSE Bug 1189302 https://bugzilla.suse.com/1196174 SUSE Bug 1196174 https://bugzilla.suse.com/1196810 SUSE Bug 1196810 https://bugzilla.suse.com/1196914 SUSE Bug 1196914 https://bugzilla.suse.com/1200084 SUSE Bug 1200084 https://bugzilla.suse.com/1201734 SUSE Bug 1201734 A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space CVE-2021-22555 SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_56-default-12-2.2 SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_83-default-8-2.2 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20212560-1/ https://www.suse.com/security/cve/CVE-2021-22555.html CVE-2021-22555 https://bugzilla.suse.com/1188116 SUSE Bug 1188116 https://bugzilla.suse.com/1188117 SUSE Bug 1188117 https://bugzilla.suse.com/1188411 SUSE Bug 1188411 fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. CVE-2021-33909 SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_56-default-12-2.2 SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_83-default-8-2.2 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20212560-1/ https://www.suse.com/security/cve/CVE-2021-33909.html CVE-2021-33909 https://bugzilla.suse.com/1188062 SUSE Bug 1188062 https://bugzilla.suse.com/1188063 SUSE Bug 1188063 https://bugzilla.suse.com/1188257 SUSE Bug 1188257 https://bugzilla.suse.com/1189302 SUSE Bug 1189302 https://bugzilla.suse.com/1190859 SUSE Bug 1190859