{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-azure":"5.3.18-38.14.1","kernel-azure-devel":"5.3.18-38.14.1","kernel-devel-azure":"5.3.18-38.14.1","kernel-source-azure":"5.3.18-38.14.1","kernel-syms-azure":"5.3.18-38.14.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Public Cloud 15 SP3","name":"kernel-azure","purl":"pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-38.14.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-azure":"5.3.18-38.14.1","kernel-azure-devel":"5.3.18-38.14.1","kernel-devel-azure":"5.3.18-38.14.1","kernel-source-azure":"5.3.18-38.14.1","kernel-syms-azure":"5.3.18-38.14.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Public Cloud 15 SP3","name":"kernel-source-azure","purl":"pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-38.14.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-azure":"5.3.18-38.14.1","kernel-azure-devel":"5.3.18-38.14.1","kernel-devel-azure":"5.3.18-38.14.1","kernel-source-azure":"5.3.18-38.14.1","kernel-syms-azure":"5.3.18-38.14.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Public Cloud 15 SP3","name":"kernel-syms-azure","purl":"pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-38.14.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThe SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-22555: A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c (bnc#1188116 ).\n- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to obtain full root privileges (bsc#1188062).\n\nThe following non-security bugs were fixed:\n\n- ceph: must hold snap_rwsem when filling inode for async create (bsc#1187927).\n- cgroup1: do not allow '\\n' in renaming (bsc#1187972).\n- qla2xxx: synchronize rport dev_loss_tmo setting (bsc#1182470 bsc#1185486).\n- scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1187980).\n- usb: dwc3: Fix debugfs creation flow (git-fixes).\n- x86/pkru: Write hardware init value to PKRU when xstate is init (bsc#1152489).\n- x86/process: Check PF_KTHREAD and not current->mm for kernel threads (bsc#1152489).\n","id":"SUSE-SU-2021:2409-1","modified":"2021-07-20T12:40:51Z","published":"2021-07-20T12:40:51Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2021/suse-su-20212409-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1152489"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182470"},{"type":"REPORT","url":"https://bugzilla.suse.com/1185486"},{"type":"REPORT","url":"https://bugzilla.suse.com/1187927"},{"type":"REPORT","url":"https://bugzilla.suse.com/1187972"},{"type":"REPORT","url":"https://bugzilla.suse.com/1187980"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188062"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188116"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-22555"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-33909"}],"related":["CVE-2021-22555","CVE-2021-33909"],"summary":"Security update for the Linux Kernel","upstream":["CVE-2021-22555","CVE-2021-33909"]}