Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2021:1266-1 Final 1 1 2021-04-20T06:54:57Z current 2021-04-20T06:54:57Z 2021-04-20T06:54:57Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 12 SP5 kernel RT was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-29154: Fixed incorrect computation of branch displacements, allowing arbitrary code execution (bsc#1184391). - CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed multiple bugs in NFC subsytem (bsc#1178181). - CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering destruction of a large SEV VM (bsc#1184511). - CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393). - CVE-2021-30002: Fixed a memory leak for large arguments in video_usercopy (bsc#1184120). - CVE-2021-20219: Fixed a denial of service in n_tty_receive_char_special (bsc#1184397). The following non-security bugs were fixed: - cifs: change noisy error message to FYI (bsc#1181507). - cifs_debug: use %pd instead of messing with ->d_name (bsc#1181507). - cifs: do not send close in compound create+close requests (bsc#1181507). - cifs: New optype for session operations (bsc#1181507). - cifs: print MIDs in decimal notation (bsc#1181507). - cifs: return proper error code in statfs(2) (bsc#1181507). - cifs: Tracepoints and logs for tracing credit changes (bsc#1181507). - fix setting irq affinity (bsc#1184583) - ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237). - locking/mutex: Fix non debug version of mutex_lock_io_nested() (git-fixes). - net: sched: disable TCQ_F_NOLOCK for pfifo_fast (bsc#1183405) - powerpc/64s: Fix instruction encoding for lis in ppc_function_entry() (bsc#1065729). - powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes). - powerpc/pseries/mobility: handle premature return from H_JOIN (bsc#1181674 ltc#189159 git-fixes bsc#1183662 ltc#191922). - powerpc/pseries/mobility: use struct for shared state (bsc#1181674 ltc#189159 git-fixes bsc#1183662 ltc#191922). - powerpc/pseries/ras: Remove unused variable 'status' (bsc#1065729). - s390/pci: Fix s390_mmio_read/write with MIO (LTC#192079 bsc#1183755). - smb3: add dynamic trace point to trace when credits obtained (bsc#1181507). - smb3: fix crediting for compounding when only one request in flight (bsc#1181507). - usbip: fix stub_dev to check for stream socket (git-fixes). - usbip: fix vhci_hcd to check for stream socket (git-fixes). - virsh: list is showing less guests then 'xl list' (bsc#1184513). - vsprintf: Do not have bprintf dereference pointers (bsc#1184494). - vsprintf: Do not preprocess non-dereferenced pointers for bprintf (%px and %pK) (bsc#1184494). - vsprintf: Fix off-by-one bug in bstr_printf() processing dereferenced pointers (bsc#1184494). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2021-1266,SUSE-SLE-RT-12-SP5-2021-1266 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2021/suse-su-20211266-1/ Link for SUSE-SU-2021:1266-1 https://lists.suse.com/pipermail/sle-security-updates/2021-April/008657.html E-Mail link for SUSE-SU-2021:1266-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1065729 SUSE Bug 1065729 https://bugzilla.suse.com/1113295 SUSE Bug 1113295 https://bugzilla.suse.com/1178181 SUSE Bug 1178181 https://bugzilla.suse.com/1181507 SUSE Bug 1181507 https://bugzilla.suse.com/1181674 SUSE Bug 1181674 https://bugzilla.suse.com/1183405 SUSE Bug 1183405 https://bugzilla.suse.com/1183662 SUSE Bug 1183662 https://bugzilla.suse.com/1183755 SUSE Bug 1183755 https://bugzilla.suse.com/1184114 SUSE Bug 1184114 https://bugzilla.suse.com/1184120 SUSE Bug 1184120 https://bugzilla.suse.com/1184170 SUSE Bug 1184170 https://bugzilla.suse.com/1184391 SUSE Bug 1184391 https://bugzilla.suse.com/1184393 SUSE Bug 1184393 https://bugzilla.suse.com/1184397 SUSE Bug 1184397 https://bugzilla.suse.com/1184494 SUSE Bug 1184494 https://bugzilla.suse.com/1184511 SUSE Bug 1184511 https://bugzilla.suse.com/1184583 SUSE Bug 1184583 https://www.suse.com/security/cve/CVE-2020-25670/ SUSE CVE CVE-2020-25670 page https://www.suse.com/security/cve/CVE-2020-25671/ SUSE CVE CVE-2020-25671 page https://www.suse.com/security/cve/CVE-2020-25672/ SUSE CVE CVE-2020-25672 page https://www.suse.com/security/cve/CVE-2020-25673/ SUSE CVE CVE-2020-25673 page https://www.suse.com/security/cve/CVE-2020-36311/ SUSE CVE CVE-2020-36311 page https://www.suse.com/security/cve/CVE-2021-20219/ SUSE CVE CVE-2021-20219 page https://www.suse.com/security/cve/CVE-2021-29154/ SUSE CVE CVE-2021-29154 page https://www.suse.com/security/cve/CVE-2021-30002/ SUSE CVE CVE-2021-30002 page https://www.suse.com/security/cve/CVE-2021-3483/ SUSE CVE CVE-2021-3483 page SUSE Linux Enterprise Real Time 12 SP5 cluster-md-kmp-rt-4.12.14-10.40.1 cluster-md-kmp-rt_debug-4.12.14-10.40.1 dlm-kmp-rt-4.12.14-10.40.1 dlm-kmp-rt_debug-4.12.14-10.40.1 gfs2-kmp-rt-4.12.14-10.40.1 gfs2-kmp-rt_debug-4.12.14-10.40.1 kernel-devel-rt-4.12.14-10.40.1 kernel-rt-4.12.14-10.40.1 kernel-rt-base-4.12.14-10.40.1 kernel-rt-devel-4.12.14-10.40.1 kernel-rt-extra-4.12.14-10.40.1 kernel-rt-kgraft-devel-4.12.14-10.40.1 kernel-rt_debug-4.12.14-10.40.1 kernel-rt_debug-base-4.12.14-10.40.1 kernel-rt_debug-devel-4.12.14-10.40.1 kernel-rt_debug-extra-4.12.14-10.40.1 kernel-rt_debug-kgraft-devel-4.12.14-10.40.1 kernel-source-rt-4.12.14-10.40.1 kernel-syms-rt-4.12.14-10.40.1 kselftests-kmp-rt-4.12.14-10.40.1 kselftests-kmp-rt_debug-4.12.14-10.40.1 ocfs2-kmp-rt-4.12.14-10.40.1 ocfs2-kmp-rt_debug-4.12.14-10.40.1 cluster-md-kmp-rt-4.12.14-10.40.1 as a component of SUSE Linux Enterprise Real Time 12 SP5 dlm-kmp-rt-4.12.14-10.40.1 as a component of SUSE Linux Enterprise Real Time 12 SP5 gfs2-kmp-rt-4.12.14-10.40.1 as a component of SUSE Linux Enterprise Real Time 12 SP5 kernel-devel-rt-4.12.14-10.40.1 as a component of SUSE Linux Enterprise Real Time 12 SP5 kernel-rt-4.12.14-10.40.1 as a component of SUSE Linux Enterprise Real Time 12 SP5 kernel-rt-base-4.12.14-10.40.1 as a component of SUSE Linux Enterprise Real Time 12 SP5 kernel-rt-devel-4.12.14-10.40.1 as a component of SUSE Linux Enterprise Real Time 12 SP5 kernel-rt_debug-4.12.14-10.40.1 as a component of SUSE Linux Enterprise Real Time 12 SP5 kernel-rt_debug-devel-4.12.14-10.40.1 as a component of SUSE Linux Enterprise Real Time 12 SP5 kernel-source-rt-4.12.14-10.40.1 as a component of SUSE Linux Enterprise Real Time 12 SP5 kernel-syms-rt-4.12.14-10.40.1 as a component of SUSE Linux Enterprise Real Time 12 SP5 ocfs2-kmp-rt-4.12.14-10.40.1 as a component of SUSE Linux Enterprise Real Time 12 SP5 A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations. CVE-2020-25670 SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.40.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211266-1/ https://www.suse.com/security/cve/CVE-2020-25670.html CVE-2020-25670 https://bugzilla.suse.com/1178181 SUSE Bug 1178181 https://bugzilla.suse.com/1194680 SUSE Bug 1194680 A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations. CVE-2020-25671 SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.40.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211266-1/ https://www.suse.com/security/cve/CVE-2020-25671.html CVE-2020-25671 https://bugzilla.suse.com/1178181 SUSE Bug 1178181 A memory leak vulnerability was found in Linux kernel in llcp_sock_connect CVE-2020-25672 SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.40.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211266-1/ https://www.suse.com/security/cve/CVE-2020-25672.html CVE-2020-25672 https://bugzilla.suse.com/1178181 SUSE Bug 1178181 A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system. CVE-2020-25673 SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.40.1 important 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211266-1/ https://www.suse.com/security/cve/CVE-2020-25673.html CVE-2020-25673 https://bugzilla.suse.com/1178181 SUSE Bug 1178181 An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184. CVE-2020-36311 SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.40.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211266-1/ https://www.suse.com/security/cve/CVE-2020-36311.html CVE-2020-36311 https://bugzilla.suse.com/1184511 SUSE Bug 1184511 A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could delay the loop (due to a changing ldata->read_head, and a missing sanity check) and cause a threat to the system availability. CVE-2021-20219 SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.40.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211266-1/ https://www.suse.com/security/cve/CVE-2021-20219.html CVE-2021-20219 https://bugzilla.suse.com/1184397 SUSE Bug 1184397 BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c. CVE-2021-29154 SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.40.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211266-1/ https://www.suse.com/security/cve/CVE-2021-29154.html CVE-2021-29154 https://bugzilla.suse.com/1184391 SUSE Bug 1184391 https://bugzilla.suse.com/1184710 SUSE Bug 1184710 https://bugzilla.suse.com/1186408 SUSE Bug 1186408 An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b. CVE-2021-30002 SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.40.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211266-1/ https://www.suse.com/security/cve/CVE-2021-30002.html CVE-2021-30002 https://bugzilla.suse.com/1184120 SUSE Bug 1184120 A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected CVE-2021-3483 SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.40.1 SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.40.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211266-1/ https://www.suse.com/security/cve/CVE-2021-3483.html CVE-2021-3483 https://bugzilla.suse.com/1184393 SUSE Bug 1184393