Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-22555 (GCVE-0-2021-22555)
Vulnerability from cvelistv5 – Published: 2021-07-07 11:20 – Updated: 2025-12-30 20:32
VLAI
EPSS
CISA KEV
Title
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
Summary
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
Severity
8.3 (High)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://github.com/google/security-research/secur… | x_refsource_MISC |
| https://git.kernel.org/pub/scm/linux/kernel/git/t… | x_refsource_MISC |
| https://git.kernel.org/pub/scm/linux/kernel/git/t… | x_refsource_MISC |
| http://packetstormsecurity.com/files/163528/Linux… | x_refsource_MISC |
| https://security.netapp.com/advisory/ntap-2021080… | x_refsource_CONFIRM |
| http://packetstormsecurity.com/files/163878/Kerne… | x_refsource_MISC |
| http://packetstormsecurity.com/files/164155/Kerne… | x_refsource_MISC |
| http://packetstormsecurity.com/files/164437/Netfi… | x_refsource_MISC |
| http://packetstormsecurity.com/files/165477/Kerne… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Linux Kernel |
Affected:
2.6.19-rc1 , < unspecified
(custom)
|
Date Public
2021-07-04 00:00
Credits
Andy Nguyen
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 658c453d-e96d-40c3-978e-571aae7c2c0c
Exploited: Yes
Timestamps
First Seen: 2025-10-06
Asserted: 2025-10-06
Scope
Notes: KEV entry: Linux Kernel Heap Out-of-Bounds Write Vulnerability | Affected: Linux / Kernel | Description: Linux Kernel contains a heap out-of-bounds write vulnerability that could allow an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space. | Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2025-10-27 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21 ; https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d ; https://security.netapp.com/advisory/ntap-20210805-0010/ ; https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528 ; https://nvd.nist.gov/vuln/detail/CVE-2021-22555
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-787 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | Kernel |
| Due Date | 2025-10-27 |
| Date Added | 2025-10-06 |
| Vendorproject | Linux |
| Vulnerabilityname | Linux Kernel Heap Out-of-Bounds Write Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Created: 2026-02-02 13:24 UTC
| Updated: 2026-02-06 07:53 UTC
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:14.199Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210805-0010/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-22555",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-04T03:55:24.534831Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-10-06",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22555"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-30T20:32:33.647Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22555"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Linux Kernel",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "2.6.19-rc1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andy Nguyen"
}
],
"datePublic": "2021-07-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-06T19:06:15.000Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210805-0010/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"DATE_PUBLIC": "2021-07-04T10:00:00.000Z",
"ID": "CVE-2021-22555",
"STATE": "PUBLIC",
"TITLE": "Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Linux Kernel",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "2.6.19-rc1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Andy Nguyen"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528",
"refsource": "MISC",
"url": "https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d"
},
{
"name": "http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210805-0010/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210805-0010/"
},
{
"name": "http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html"
},
{
"name": "http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html"
},
{
"name": "http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html"
},
{
"name": "http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2021-22555",
"datePublished": "2021-07-07T11:20:10.668Z",
"dateReserved": "2021-01-05T00:00:00.000Z",
"dateUpdated": "2025-12-30T20:32:33.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2021-22555",
"cwes": "[\"CWE-787\"]",
"dateAdded": "2025-10-06",
"dueDate": "2025-10-27",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21 ; https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d ; https://security.netapp.com/advisory/ntap-20210805-0010/ ; https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528 ; https://nvd.nist.gov/vuln/detail/CVE-2021-22555",
"product": "Kernel",
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "Linux Kernel contains a heap out-of-bounds write vulnerability that could allow an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space.",
"vendorProject": "Linux",
"vulnerabilityName": "Linux Kernel Heap Out-of-Bounds Write Vulnerability"
},
"epss": {
"cve": "CVE-2021-22555",
"date": "2026-05-30",
"epss": "0.85239",
"percentile": "0.99373"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-22555\",\"sourceIdentifier\":\"cve-coordination@google.com\",\"published\":\"2021-07-07T12:15:08.453\",\"lastModified\":\"2025-10-27T17:06:32.497\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space\"},{\"lang\":\"es\",\"value\":\"En el archivo net/netfilter/x_tables.c se ha detectado una escritura fuera de l\u00edmites en la pila que afecta a Linux desde la versi\u00f3n 2.6.19-rc1. Esto permite a un atacante alcanzar privilegios o causar una denegaci\u00f3n de servicio (por medio de corrupci\u00f3n de la memoria de la pila) mediante el espacio de nombres de usuario\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve-coordination@google.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2025-10-06\",\"cisaActionDue\":\"2025-10-27\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Linux Kernel Heap Out-of-Bounds Write Vulnerability\",\"weaknesses\":[{\"source\":\"cve-coordination@google.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:c400_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AC7AD92-8B33-4137-A4EC-08641E4AF857\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:c400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD443748-B0D1-4C1A-A62E-BD5FB5967370\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1AB1EC2-2560-494A-A51B-6F20CE318FEB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58DE2B52-4E49-4CD0-9310-00291B0352C7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.19\",\"versionEndExcluding\":\"4.4.267\",\"matchCriteriaId\":\"3E869A37-B25A-4CFD-AFA1-964C540B7283\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.5\",\"versionEndExcluding\":\"4.9.267\",\"matchCriteriaId\":\"8F1C60CB-5594-496C-8DF0-68D909707254\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.231\",\"matchCriteriaId\":\"C1285CF4-6285-4288-9981-03A04F93519E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.188\",\"matchCriteriaId\":\"46073F63-74D1-4675-999A-574C1C13B627\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.113\",\"matchCriteriaId\":\"BB3CE52D-3245-4B6C-9C92-897BCB496882\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.31\",\"matchCriteriaId\":\"EB0A42D4-2DAC-4DE0-A20B-A2700AA5E63A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.12\",\"matchCriteriaId\":\"66C052DB-C48A-43D4-A1A8-AF1E331199D4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:brocade:fabric_operating_system:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41CD1160-B681-41EF-9EB4-06CE0F53C501\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:fas_8300_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5CDADAB-72A5-4526-8432-E6C9AC56B29F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:fas_8300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E64576DE-90F0-4F5E-9C82-AB745CFEDBB7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:fas_8700_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF5AFE69-7990-4F80-9E63-D8AD58AA3A2D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:fas_8700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6415E28A-4EAC-4F7F-BD81-1A55CE8B6F40\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:aff_a400_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56FD9B9A-BBE5-4CA5-B9F9-B16E1FE738C8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:aff_a400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3E70A56-DBA8-45C7-8C49-1A036501156F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:aff_a250_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D5DE972-F8B8-4964-943A-DA0BD18289D1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:aff_a250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4B1F59C-6ADA-4930-834F-2A8A8444F6AE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:aff_500f_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"578BB9A7-BF28-4068-A9A6-1DE19CEEC293\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:aff_500f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AB58180-E5E0-4056-ABF9-A99E9F6A9E86\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89612649-BACF-4FAC-9BA4-324724FD93A6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D9B255-C1AF-42D1-BF9B-13642FBDC080\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD7CFE0E-9D1E-4495-B302-89C3096FC0DF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5921A877-18BF-43FE-915C-D226E140ACFC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7296A1F2-D315-4FD5-8A73-65C480C855BE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C2089EE-5D7F-47EC-8EA5-0F69790564C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C19813-E823-456A-B1CE-EC0684CE1953\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire_baseboard_management_controller:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D878165F-5C16-4376-8058-28787C9FF923\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210805-0010/\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210805-0010/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22555\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210805-0010/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T18:44:14.199Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-22555\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-04T03:55:24.534831Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2025-10-06\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22555\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22555\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-03T18:07:40.026Z\"}}], \"cna\": {\"title\": \"Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"Andy Nguyen\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.3, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"Linux Kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.19-rc1\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}]}], \"datePublic\": \"2021-07-04T00:00:00.000Z\", \"references\": [{\"url\": \"https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210805-0010/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html\", \"tags\": [\"x_refsource_MISC\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"14ed7db2-1595-443d-9d34-6215bf890778\", \"shortName\": \"Google\", \"dateUpdated\": \"2022-01-06T19:06:15.000Z\"}, \"x_legacyV4Record\": {\"credit\": [{\"lang\": \"eng\", \"value\": \"Andy Nguyen\"}], \"impact\": {\"cvss\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.3, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, \"source\": {\"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"2.6.19-rc1\", \"version_affected\": \"\u003e=\"}]}, \"product_name\": \"Linux Kernel\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"references\": {\"reference_data\": [{\"url\": \"https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528\", \"name\": \"https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528\", \"refsource\": \"MISC\"}, {\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21\", \"name\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21\", \"refsource\": \"MISC\"}, {\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d\", \"name\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html\", \"name\": \"http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210805-0010/\", \"name\": \"https://security.netapp.com/advisory/ntap-20210805-0010/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html\", \"name\": \"http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html\", \"name\": \"http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html\", \"name\": \"http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html\", \"name\": \"http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-787 Out-of-bounds Write\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2021-22555\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE\", \"ASSIGNER\": \"security@google.com\", \"DATE_PUBLIC\": \"2021-07-04T10:00:00.000Z\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2021-22555\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-30T20:32:33.647Z\", \"dateReserved\": \"2021-01-05T00:00:00.000Z\", \"assignerOrgId\": \"14ed7db2-1595-443d-9d34-6215bf890778\", \"datePublished\": \"2021-07-07T11:20:10.668Z\", \"assignerShortName\": \"Google\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2021:2577-1
Vulnerability from csaf_suse - Published: 2021-07-30 15:51 - Updated: 2021-07-30 15:51Summary
Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP2)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP2)
Description of the patch: This update for the Linux Kernel 5.3.18-24_53_4 fixes several issues.
The following security issues were fixed:
- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges. (bsc#1188062)
- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)
- CVE-2020-36385: Fixed a use-after-free vulnerability reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called. (bnc#1187050)
- CVE-2021-23133: Fixed a race condition in the SCTP sockets that could lead to kernel privilege escalation from the context of a network service or an unprivileged process. (bnc#1184675)
- CVE-2021-33034: Fixed a use-after-free vulnerability when destroying an hci_chan which leads to writing an arbitrary value. (bnc#1186111)
- CVE-2021-32399: Fixed a race condition in net/bluetooth/hci_request.c for removal of the HCI controller. (bsc#1184611)
- CVE-2020-36322: Fixed an issue in the FUSE filesystem implementation. This bug was addressed with a previous fix, which turned out was incomplete, and its incompleteness is tracked as CVE-2021-28950. (bsc#1184211)
- CVE-2021-29154: Fixed an incorrect computation of branch displacements in the BPF JIT compilers, which could allow to execute arbitrary code within the kernel context. (bsc#1184391)
- CVE-2021-3444: The bpf verifier did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel memory), and possibly out-of-bounds writes that could potentially lead to code execution. (bsc#1184170)
- CVE-2021-28660: Fixed an out-of-bounds write in rtw_wx_set_scan which could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1183593)
- CVE-2021-27365: Fixed an issue in certain iSCSI data structures that do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. (bsc#1182715)
- CVE-2021-28688: Fixed some uninitialization pointers in Xen that could result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. (bsc#1183646)
- CVE-2021-27363: Fixed a kernel pointer leak that can be used to determine the address of the iscsi_transport structure. (bsc#1182716)
- CVE-2021-27364: Fixed an issue that provides an unprivileged user the ability of craft Netlink messages. (bsc#1182717)
Patchnames: SUSE-2021-2577,SUSE-SLE-Module-Live-Patching-15-SP2-2021-2577
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.7 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.7 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
99 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP2)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-24_53_4 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges. (bsc#1188062)\n- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)\n- CVE-2020-36385: Fixed a use-after-free vulnerability reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called. (bnc#1187050)\n- CVE-2021-23133: Fixed a race condition in the SCTP sockets that could lead to kernel privilege escalation from the context of a network service or an unprivileged process. (bnc#1184675)\n- CVE-2021-33034: Fixed a use-after-free vulnerability when destroying an hci_chan which leads to writing an arbitrary value. (bnc#1186111)\n- CVE-2021-32399: Fixed a race condition in net/bluetooth/hci_request.c for removal of the HCI controller. (bsc#1184611)\n- CVE-2020-36322: Fixed an issue in the FUSE filesystem implementation. This bug was addressed with a previous fix, which turned out was incomplete, and its incompleteness is tracked as CVE-2021-28950. (bsc#1184211)\n- CVE-2021-29154: Fixed an incorrect computation of branch displacements in the BPF JIT compilers, which could allow to execute arbitrary code within the kernel context. (bsc#1184391)\n- CVE-2021-3444: The bpf verifier did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel memory), and possibly out-of-bounds writes that could potentially lead to code execution. (bsc#1184170)\n- CVE-2021-28660: Fixed an out-of-bounds write in rtw_wx_set_scan which could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1183593)\n- CVE-2021-27365: Fixed an issue in certain iSCSI data structures that do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. (bsc#1182715)\n- CVE-2021-28688: Fixed some uninitialization pointers in Xen that could result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. (bsc#1183646)\n- CVE-2021-27363: Fixed a kernel pointer leak that can be used to determine the address of the iscsi_transport structure. (bsc#1182716)\n- CVE-2021-27364: Fixed an issue that provides an unprivileged user the ability of craft Netlink messages. (bsc#1182717)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2577,SUSE-SLE-Module-Live-Patching-15-SP2-2021-2577",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2577-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2577-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212577-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2577-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009234.html"
},
{
"category": "self",
"summary": "SUSE Bug 1182717",
"url": "https://bugzilla.suse.com/1182717"
},
{
"category": "self",
"summary": "SUSE Bug 1183120",
"url": "https://bugzilla.suse.com/1183120"
},
{
"category": "self",
"summary": "SUSE Bug 1183491",
"url": "https://bugzilla.suse.com/1183491"
},
{
"category": "self",
"summary": "SUSE Bug 1183658",
"url": "https://bugzilla.suse.com/1183658"
},
{
"category": "self",
"summary": "SUSE Bug 1184171",
"url": "https://bugzilla.suse.com/1184171"
},
{
"category": "self",
"summary": "SUSE Bug 1184710",
"url": "https://bugzilla.suse.com/1184710"
},
{
"category": "self",
"summary": "SUSE Bug 1184952",
"url": "https://bugzilla.suse.com/1184952"
},
{
"category": "self",
"summary": "SUSE Bug 1185847",
"url": "https://bugzilla.suse.com/1185847"
},
{
"category": "self",
"summary": "SUSE Bug 1185899",
"url": "https://bugzilla.suse.com/1185899"
},
{
"category": "self",
"summary": "SUSE Bug 1185901",
"url": "https://bugzilla.suse.com/1185901"
},
{
"category": "self",
"summary": "SUSE Bug 1186285",
"url": "https://bugzilla.suse.com/1186285"
},
{
"category": "self",
"summary": "SUSE Bug 1187052",
"url": "https://bugzilla.suse.com/1187052"
},
{
"category": "self",
"summary": "SUSE Bug 1188117",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "self",
"summary": "SUSE Bug 1188257",
"url": "https://bugzilla.suse.com/1188257"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36322 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36322/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36385 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-23133 page",
"url": "https://www.suse.com/security/cve/CVE-2021-23133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-27363 page",
"url": "https://www.suse.com/security/cve/CVE-2021-27363/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-27364 page",
"url": "https://www.suse.com/security/cve/CVE-2021-27364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-27365 page",
"url": "https://www.suse.com/security/cve/CVE-2021-27365/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-28660 page",
"url": "https://www.suse.com/security/cve/CVE-2021-28660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-28688 page",
"url": "https://www.suse.com/security/cve/CVE-2021-28688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-29154 page",
"url": "https://www.suse.com/security/cve/CVE-2021-29154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32399 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33034 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33909 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3444 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3444/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP2)",
"tracking": {
"current_release_date": "2021-07-30T15:51:38Z",
"generator": {
"date": "2021-07-30T15:51:38Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2577-1",
"initial_release_date": "2021-07-30T15:51:38Z",
"revision_history": [
{
"date": "2021-07-30T15:51:38Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-24_53_4-preempt-2-2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-24_53_4-preempt-2-2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-24_53_4-preempt-2-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36322",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36322"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36322",
"url": "https://www.suse.com/security/cve/CVE-2020-36322"
},
{
"category": "external",
"summary": "SUSE Bug 1184211 for CVE-2020-36322",
"url": "https://bugzilla.suse.com/1184211"
},
{
"category": "external",
"summary": "SUSE Bug 1184952 for CVE-2020-36322",
"url": "https://bugzilla.suse.com/1184952"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2020-36322",
"url": "https://bugzilla.suse.com/1189302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-30T15:51:38Z",
"details": "important"
}
],
"title": "CVE-2020-36322"
},
{
"cve": "CVE-2020-36385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36385"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36385",
"url": "https://www.suse.com/security/cve/CVE-2020-36385"
},
{
"category": "external",
"summary": "SUSE Bug 1187050 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187050"
},
{
"category": "external",
"summary": "SUSE Bug 1187052 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187052"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1196174 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196174"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196810"
},
{
"category": "external",
"summary": "SUSE Bug 1196914 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196914"
},
{
"category": "external",
"summary": "SUSE Bug 1200084 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1200084"
},
{
"category": "external",
"summary": "SUSE Bug 1201734 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1201734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-30T15:51:38Z",
"details": "important"
}
],
"title": "CVE-2020-36385"
},
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-30T15:51:38Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-23133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-23133"
}
],
"notes": [
{
"category": "general",
"text": "A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)-\u003esctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-23133",
"url": "https://www.suse.com/security/cve/CVE-2021-23133"
},
{
"category": "external",
"summary": "SUSE Bug 1184675 for CVE-2021-23133",
"url": "https://bugzilla.suse.com/1184675"
},
{
"category": "external",
"summary": "SUSE Bug 1185901 for CVE-2021-23133",
"url": "https://bugzilla.suse.com/1185901"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-30T15:51:38Z",
"details": "important"
}
],
"title": "CVE-2021-23133"
},
{
"cve": "CVE-2021-27363",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-27363"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport\u0027s handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module\u0027s global variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-27363",
"url": "https://www.suse.com/security/cve/CVE-2021-27363"
},
{
"category": "external",
"summary": "SUSE Bug 1182716 for CVE-2021-27363",
"url": "https://bugzilla.suse.com/1182716"
},
{
"category": "external",
"summary": "SUSE Bug 1182717 for CVE-2021-27363",
"url": "https://bugzilla.suse.com/1182717"
},
{
"category": "external",
"summary": "SUSE Bug 1183120 for CVE-2021-27363",
"url": "https://bugzilla.suse.com/1183120"
},
{
"category": "external",
"summary": "SUSE Bug 1200084 for CVE-2021-27363",
"url": "https://bugzilla.suse.com/1200084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-30T15:51:38Z",
"details": "important"
}
],
"title": "CVE-2021-27363"
},
{
"cve": "CVE-2021-27364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-27364"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-27364",
"url": "https://www.suse.com/security/cve/CVE-2021-27364"
},
{
"category": "external",
"summary": "SUSE Bug 1182715 for CVE-2021-27364",
"url": "https://bugzilla.suse.com/1182715"
},
{
"category": "external",
"summary": "SUSE Bug 1182716 for CVE-2021-27364",
"url": "https://bugzilla.suse.com/1182716"
},
{
"category": "external",
"summary": "SUSE Bug 1182717 for CVE-2021-27364",
"url": "https://bugzilla.suse.com/1182717"
},
{
"category": "external",
"summary": "SUSE Bug 1200084 for CVE-2021-27364",
"url": "https://bugzilla.suse.com/1200084"
},
{
"category": "external",
"summary": "SUSE Bug 1214268 for CVE-2021-27364",
"url": "https://bugzilla.suse.com/1214268"
},
{
"category": "external",
"summary": "SUSE Bug 1218966 for CVE-2021-27364",
"url": "https://bugzilla.suse.com/1218966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-30T15:51:38Z",
"details": "important"
}
],
"title": "CVE-2021-27364"
},
{
"cve": "CVE-2021-27365",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-27365"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-27365",
"url": "https://www.suse.com/security/cve/CVE-2021-27365"
},
{
"category": "external",
"summary": "SUSE Bug 1182712 for CVE-2021-27365",
"url": "https://bugzilla.suse.com/1182712"
},
{
"category": "external",
"summary": "SUSE Bug 1182715 for CVE-2021-27365",
"url": "https://bugzilla.suse.com/1182715"
},
{
"category": "external",
"summary": "SUSE Bug 1183491 for CVE-2021-27365",
"url": "https://bugzilla.suse.com/1183491"
},
{
"category": "external",
"summary": "SUSE Bug 1200084 for CVE-2021-27365",
"url": "https://bugzilla.suse.com/1200084"
},
{
"category": "external",
"summary": "SUSE Bug 1214268 for CVE-2021-27365",
"url": "https://bugzilla.suse.com/1214268"
},
{
"category": "external",
"summary": "SUSE Bug 1218966 for CVE-2021-27365",
"url": "https://bugzilla.suse.com/1218966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-30T15:51:38Z",
"details": "important"
}
],
"title": "CVE-2021-27365"
},
{
"cve": "CVE-2021-28660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-28660"
}
],
"notes": [
{
"category": "general",
"text": "rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the -\u003essid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-28660",
"url": "https://www.suse.com/security/cve/CVE-2021-28660"
},
{
"category": "external",
"summary": "SUSE Bug 1183593 for CVE-2021-28660",
"url": "https://bugzilla.suse.com/1183593"
},
{
"category": "external",
"summary": "SUSE Bug 1183658 for CVE-2021-28660",
"url": "https://bugzilla.suse.com/1183658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-30T15:51:38Z",
"details": "important"
}
],
"title": "CVE-2021-28660"
},
{
"cve": "CVE-2021-28688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-28688"
}
],
"notes": [
{
"category": "general",
"text": "The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn\u0027t use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulnerable. XSA-365 was classified to affect versions back to at least 3.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-28688",
"url": "https://www.suse.com/security/cve/CVE-2021-28688"
},
{
"category": "external",
"summary": "SUSE Bug 1183646 for CVE-2021-28688",
"url": "https://bugzilla.suse.com/1183646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-30T15:51:38Z",
"details": "moderate"
}
],
"title": "CVE-2021-28688"
},
{
"cve": "CVE-2021-29154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-29154"
}
],
"notes": [
{
"category": "general",
"text": "BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-29154",
"url": "https://www.suse.com/security/cve/CVE-2021-29154"
},
{
"category": "external",
"summary": "SUSE Bug 1184391 for CVE-2021-29154",
"url": "https://bugzilla.suse.com/1184391"
},
{
"category": "external",
"summary": "SUSE Bug 1184710 for CVE-2021-29154",
"url": "https://bugzilla.suse.com/1184710"
},
{
"category": "external",
"summary": "SUSE Bug 1186408 for CVE-2021-29154",
"url": "https://bugzilla.suse.com/1186408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-30T15:51:38Z",
"details": "important"
}
],
"title": "CVE-2021-29154"
},
{
"cve": "CVE-2021-32399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32399"
}
],
"notes": [
{
"category": "general",
"text": "net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32399",
"url": "https://www.suse.com/security/cve/CVE-2021-32399"
},
{
"category": "external",
"summary": "SUSE Bug 1184611 for CVE-2021-32399",
"url": "https://bugzilla.suse.com/1184611"
},
{
"category": "external",
"summary": "SUSE Bug 1185898 for CVE-2021-32399",
"url": "https://bugzilla.suse.com/1185898"
},
{
"category": "external",
"summary": "SUSE Bug 1185899 for CVE-2021-32399",
"url": "https://bugzilla.suse.com/1185899"
},
{
"category": "external",
"summary": "SUSE Bug 1196174 for CVE-2021-32399",
"url": "https://bugzilla.suse.com/1196174"
},
{
"category": "external",
"summary": "SUSE Bug 1200084 for CVE-2021-32399",
"url": "https://bugzilla.suse.com/1200084"
},
{
"category": "external",
"summary": "SUSE Bug 1201734 for CVE-2021-32399",
"url": "https://bugzilla.suse.com/1201734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-30T15:51:38Z",
"details": "important"
}
],
"title": "CVE-2021-32399"
},
{
"cve": "CVE-2021-33034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33034",
"url": "https://www.suse.com/security/cve/CVE-2021-33034"
},
{
"category": "external",
"summary": "SUSE Bug 1186111 for CVE-2021-33034",
"url": "https://bugzilla.suse.com/1186111"
},
{
"category": "external",
"summary": "SUSE Bug 1186285 for CVE-2021-33034",
"url": "https://bugzilla.suse.com/1186285"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-30T15:51:38Z",
"details": "important"
}
],
"title": "CVE-2021-33034"
},
{
"cve": "CVE-2021-33909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33909"
}
],
"notes": [
{
"category": "general",
"text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33909",
"url": "https://www.suse.com/security/cve/CVE-2021-33909"
},
{
"category": "external",
"summary": "SUSE Bug 1188062 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "external",
"summary": "SUSE Bug 1188063 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188063"
},
{
"category": "external",
"summary": "SUSE Bug 1188257 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188257"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1190859 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1190859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-30T15:51:38Z",
"details": "important"
}
],
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-3444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3444"
}
],
"notes": [
{
"category": "general",
"text": "The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel memory), and possibly out-of-bounds writes that could potentially lead to code execution. This issue was addressed in the upstream kernel in commit 9b00f1b78809 (\"bpf: Fix truncation handling for mod32 dst reg wrt zero\") and in Linux stable kernels 5.11.2, 5.10.19, and 5.4.101.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3444",
"url": "https://www.suse.com/security/cve/CVE-2021-3444"
},
{
"category": "external",
"summary": "SUSE Bug 1184170 for CVE-2021-3444",
"url": "https://bugzilla.suse.com/1184170"
},
{
"category": "external",
"summary": "SUSE Bug 1184171 for CVE-2021-3444",
"url": "https://bugzilla.suse.com/1184171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-30T15:51:38Z",
"details": "important"
}
],
"title": "CVE-2021-3444"
}
]
}
SUSE-SU-2021:2584-1
Vulnerability from csaf_suse - Published: 2021-08-02 07:44 - Updated: 2021-08-02 07:44Summary
Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP1)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP1)
Description of the patch: This update for the Linux Kernel 4.12.14-197_72 fixes several issues.
The following security issues were fixed:
- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges. (bsc#1188062)
- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)
- CVE-2020-36385: Fixed a use-after-free vulnerability reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called. (bnc#1187050)
Patchnames: SUSE-2021-2584,SUSE-SLE-Live-Patching-12-SP4-2021-2584,SUSE-SLE-Module-Live-Patching-15-SP1-2021-2585
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.4 (High)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
29 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP1)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-197_72 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges. (bsc#1188062)\n- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)\n- CVE-2020-36385: Fixed a use-after-free vulnerability reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called. (bnc#1187050)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2584,SUSE-SLE-Live-Patching-12-SP4-2021-2584,SUSE-SLE-Module-Live-Patching-15-SP1-2021-2585",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2584-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2584-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212584-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2584-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009239.html"
},
{
"category": "self",
"summary": "SUSE Bug 1187052",
"url": "https://bugzilla.suse.com/1187052"
},
{
"category": "self",
"summary": "SUSE Bug 1188117",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "self",
"summary": "SUSE Bug 1188257",
"url": "https://bugzilla.suse.com/1188257"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36385 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33909 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33909/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP1)",
"tracking": {
"current_release_date": "2021-08-02T07:44:17Z",
"generator": {
"date": "2021-08-02T07:44:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2584-1",
"initial_release_date": "2021-08-02T07:44:17Z",
"revision_history": [
{
"date": "2021-08-02T07:44:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le",
"product_id": "kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_68-default-8-2.2.s390x",
"product": {
"name": "kgraft-patch-4_12_14-95_68-default-8-2.2.s390x",
"product_id": "kgraft-patch-4_12_14-95_68-default-8-2.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64",
"product_id": "kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64",
"product_id": "kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_68-default-8-2.2.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_68-default-8-2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36385"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36385",
"url": "https://www.suse.com/security/cve/CVE-2020-36385"
},
{
"category": "external",
"summary": "SUSE Bug 1187050 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187050"
},
{
"category": "external",
"summary": "SUSE Bug 1187052 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187052"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1196174 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196174"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196810"
},
{
"category": "external",
"summary": "SUSE Bug 1196914 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196914"
},
{
"category": "external",
"summary": "SUSE Bug 1200084 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1200084"
},
{
"category": "external",
"summary": "SUSE Bug 1201734 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1201734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-02T07:44:17Z",
"details": "important"
}
],
"title": "CVE-2020-36385"
},
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-02T07:44:17Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-33909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33909"
}
],
"notes": [
{
"category": "general",
"text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33909",
"url": "https://www.suse.com/security/cve/CVE-2021-33909"
},
{
"category": "external",
"summary": "SUSE Bug 1188062 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "external",
"summary": "SUSE Bug 1188063 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188063"
},
{
"category": "external",
"summary": "SUSE Bug 1188257 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188257"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1190859 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1190859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_72-default-9-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-02T07:44:17Z",
"details": "important"
}
],
"title": "CVE-2021-33909"
}
]
}
SUSE-SU-2021:2599-1
Vulnerability from csaf_suse - Published: 2021-08-03 12:46 - Updated: 2021-08-03 12:46Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch: The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)
- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2021-35039: Fixed a bug where modules signature verification did not occur if CONFIG_MODULE_SIG is not set, regardless of the value of module.sig_enforce command-line argument. (bnc#1188080)
The following non-security bugs were fixed:
- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: Fix memory leak caused by _CID repair function (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472) Backporting changes: * context changes
- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe() (git-fixes).
- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
- blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (bsc#1180092).
- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).
- blk-mq: insert passthrough request into hctx->dispatch directly (bsc#1180092).
- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).
- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- bpftool: Properly close va_list 'ap' by va_end() on error (bsc#1155518).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clocksource: Retry clock read if long delays detected (git-fixes).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).
- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489) Backporting changes: * context changes
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/amdgpu: Do not query CE and UE errors (bsc#1152472) Backporting changes: * unsigned long -> uint32_t
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472) Backporting changes: * only panel-samsung-s6d16d0.c exists
- drm/msm: Small msm_gem_purge() fix (bsc#1152489) Backporting changes: * context changes * GEM_WARN_ON() -> WARN_ON()
- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489) Backporting changes: * context changes
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call (git-fixes).
- drm/stm: Fix bus_flags handling (bsc#1152472)
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489) Backporting changes: * context changes * vc4_hdmi -> vc4->hdmi
- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).
- fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- fuse: reject internal errno (bsc#1188269).
- futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- HID: do not use down_interruptible() when unbinding devices (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- kABI: restore struct tcpc_config definition (git-fixes).
- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
- mac80211: drop pending frames on stop (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- math: Export mul_u64_u64_div_u64 (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- nvme: fix in-casule data send for chained sgls (git-fixes).
- nvme: introduce nvme_rdma_sgl structure (git-fixes).
- nvme: rerun io_work if req_list is not empty (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).
- serial: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- serial: remove wrong GLOBETROTTER.cis entry (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).
- tcp: Remove superfluous BH-disable around listening_hash (bsc#1188525).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).
- tpm: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).
- tpm: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).
- tpm: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).
- tpm: Reserve locality in tpm_tis_resume() (bsc#1188036).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing: Fix parsing of 'sym-offset' modifier (git-fixes).
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).
- tracing: Simplify and fix saved_tgids logic (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch (bsc#1065729 bsc#1188405 ltc#193509).
- Update patches.suse/Revert-ibmvnic-simplify-reset_long_term_buff-functio.patch (bsc#1186206 ltc#191041 bsc#1188405 ltc#193509).
- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- usb: gadget: eem: fix echo command packet response issue (git-fixes).
- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).
- usb: typec: fusb302: fix 'op-sink-microwatt' default that was in mW (git-fixes).
- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).
- usb: typec: tcpm: Move mod_delayed_work(port->vdm_state_machine) call into tcpm_queue_vdm() (git-fixes).
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).
- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).
- usb: typec: ucsi: Hold con->lock for the entire duration of ucsi_register_port() (git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- UsrMerge the kernel (boo#1184804)
- vfio: Handle concurrent vma faults (git-fixes).
- vfs: Convert functionfs to use the new mount API (git -fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- visorbus: fix error return code in visorchipset_init() (git-fixes).
- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- xhci: solve a double free problem while doing s4 (git-fixes).
Patchnames: SUSE-2021-2599,SUSE-SLE-Module-RT-15-SP2-2021-2599
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
50 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)\n- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2021-35039: Fixed a bug where modules signature verification did not occur if CONFIG_MODULE_SIG is not set, regardless of the value of module.sig_enforce command-line argument. (bnc#1188080)\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).\n- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).\n- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).\n- ACPI: Fix memory leak caused by _CID repair function (git-fixes).\n- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).\n- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).\n- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).\n- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472) Backporting changes: \t* context changes\n- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in \u0027mtk_btcvsd_snd_probe()\u0027 (git-fixes).\n- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).\n- ath10k: remove unused more_frags variable (git-fixes).\n- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).\n- backlight: lm3630a_bl: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).\n- blk-mq: In blk_mq_dispatch_rq_list() \u0027no budget\u0027 is a reason to kick (bsc#1180092).\n- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).\n- blk-mq: insert passthrough request into hctx-\u003edispatch directly (bsc#1180092).\n- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).\n- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).\n- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- bpftool: Properly close va_list \u0027ap\u0027 by va_end() on error (bsc#1155518).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).\n- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).\n- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).\n- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).\n- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).\n- clk: zynqmp: pll: Remove some dead code (git-fixes).\n- clocksource: Retry clock read if long delays detected (git-fixes).\n- cpufreq: sc520_freq: add \u0027fallthrough\u0027 to one case (git-fixes).\n- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).\n- crypto: ixp4xx - dma_unmap the correct address (git-fixes).\n- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).\n- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).\n- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).\n- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).\n- crypto: qat - remove unused macro in FW loader (git-fixes).\n- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).\n- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).\n- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).\n- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).\n- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).\n- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).\n- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489) Backporting changes: \t* context changes\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm/amdgpu: Do not query CE and UE errors (bsc#1152472) Backporting changes: \t* unsigned long -\u003e uint32_t\n- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472) Backporting changes: \t* only panel-samsung-s6d16d0.c exists\n- drm/msm: Small msm_gem_purge() fix (bsc#1152489) Backporting changes: \t* context changes \t* GEM_WARN_ON() -\u003e WARN_ON()\n- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489) Backporting changes: \t* context changes\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).\n- drm/rockchip: dsi: remove extra component_del() call (git-fixes).\n- drm/stm: Fix bus_flags handling (bsc#1152472)\n- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489) Backporting changes: \t* context changes \t* vc4_hdmi -\u003e vc4-\u003ehdmi\n- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).\n- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fbmem: add margin check to fb_check_caps() (git-fixes).\n- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).\n- fm10k: Fix an error handling path in \u0027fm10k_probe()\u0027 (git-fixes).\n- fpga: machxo2-spi: Address warning about unused variable (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188267).\n- fuse: ignore PG_workingset after stealing (bsc#1188268).\n- fuse: reject internal errno (bsc#1188269).\n- futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).\n- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).\n- gve: Fix an error handling path in \u0027gve_probe()\u0027 (git-fixes).\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- HID: do not use down_interruptible() when unbinding devices (git-fixes).\n- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).\n- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).\n- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).\n- i2c: dev: Add __user annotation (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ibmvnic: Use \u0027skb_frag_address()\u0027 instead of hand coding it (bsc#1184114 ltc#192237).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: adis16400: do not return ints in irq handlers (git-fixes).\n- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).\n- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: si1133: fix format string warnings (git-fixes).\n- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- kABI: restore struct tcpc_config definition (git-fixes).\n- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: lm3532: select regmap I2C API (git-fixes).\n- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).\n- mac80211: drop pending frames on stop (git-fixes).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- math: Export mul_u64_u64_div_u64 (git-fixes).\n- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).\n- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).\n- media: cobalt: fix race condition in setting HPD (git-fixes).\n- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb_net: avoid speculation from net slot (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).\n- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).\n- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: Fix Media Controller API config checks (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).\n- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).\n- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: mtk-vcodec: fix PM runtime get logic (git-fixes).\n- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).\n- media: rc: i2c: Fix an error message (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: siano: fix device register error path (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).\n- media: sti: fix obj-$(config) targets (git-fixes).\n- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: v4l2-async: Fix trivial documentation typo (git-fixes).\n- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).\n- memstick: rtsx_usb_ms: fix UAF (git-fixes).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).\n- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).\n- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- nvme: fix in-casule data send for chained sgls (git-fixes).\n- nvme: introduce nvme_rdma_sgl structure (git-fixes).\n- nvme: rerun io_work if req_list is not empty (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).\n- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).\n- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).\n- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).\n- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).\n- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).\n- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).\n- rpm/kernel-binary.spec.in: Remove zdebug define used only once.\n- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).\n- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).\n- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).\n- serial: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- serial: remove wrong GLOBETROTTER.cis entry (git-fixes).\n- serial: tegra-tcu: Reorder channel initialization (git-fixes).\n- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).\n- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).\n- soundwire: stream: Fix test for DP prepare complete (git-fixes).\n- spi: fspi: dynamically alloc AHB memory (bsc#1188121).\n- spi: Make of_register_spi_device also set the fwnode (git-fixes).\n- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).\n- spi: omap-100k: Fix the length judgment problem (git-fixes).\n- spi: spi-loopback-test: Fix \u0027tx_buf\u0027 might be \u0027rx_buf\u0027 (git-fixes).\n- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).\n- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).\n- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).\n- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).\n- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).\n- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- ssb: Fix error return code in ssb_bus_scan() (git-fixes).\n- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).\n- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).\n- tcp: Remove superfluous BH-disable around listening_hash (bsc#1188525).\n- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).\n- tpm: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).\n- tpm: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).\n- tpm: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).\n- tpm: Reserve locality in tpm_tis_resume() (bsc#1188036).\n- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).\n- tracing: Fix parsing of \u0027sym-offset\u0027 modifier (git-fixes).\n- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).\n- tracing: Simplify and fix saved_tgids logic (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch (bsc#1065729 bsc#1188405 ltc#193509).\n- Update patches.suse/Revert-ibmvnic-simplify-reset_long_term_buff-functio.patch (bsc#1186206 ltc#191041 bsc#1188405 ltc#193509).\n- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).\n- usb: dwc3: Fix debugfs creation flow (git-fixes).\n- usb: gadget: eem: fix echo command packet response issue (git-fixes).\n- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).\n- usb: typec: fusb302: fix \u0027op-sink-microwatt\u0027 default that was in mW (git-fixes).\n- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).\n- usb: typec: tcpm: Move mod_delayed_work(port-\u003evdm_state_machine) call into tcpm_queue_vdm() (git-fixes).\n- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).\n- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).\n- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).\n- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).\n- usb: typec: ucsi: Hold con-\u003elock for the entire duration of ucsi_register_port() (git-fixes).\n- usb: typec: ucsi: Put fwnode in any case during -\u003eprobe() (git-fixes).\n- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).\n- UsrMerge the kernel (boo#1184804)\n- vfio: Handle concurrent vma faults (git-fixes).\n- vfs: Convert functionfs to use the new mount API (git -fixes).\n- video: fbdev: imxfb: Fix an error message (git-fixes).\n- visorbus: fix error return code in visorchipset_init() (git-fixes).\n- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- xhci: solve a double free problem while doing s4 (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2599,SUSE-SLE-Module-RT-15-SP2-2021-2599",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2599-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2599-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212599-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2599-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009244.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1152472",
"url": "https://bugzilla.suse.com/1152472"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1155518",
"url": "https://bugzilla.suse.com/1155518"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1179243",
"url": "https://bugzilla.suse.com/1179243"
},
{
"category": "self",
"summary": "SUSE Bug 1180092",
"url": "https://bugzilla.suse.com/1180092"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1184804",
"url": "https://bugzilla.suse.com/1184804"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1186206",
"url": "https://bugzilla.suse.com/1186206"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1188036",
"url": "https://bugzilla.suse.com/1188036"
},
{
"category": "self",
"summary": "SUSE Bug 1188080",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "self",
"summary": "SUSE Bug 1188116",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "self",
"summary": "SUSE Bug 1188121",
"url": "https://bugzilla.suse.com/1188121"
},
{
"category": "self",
"summary": "SUSE Bug 1188176",
"url": "https://bugzilla.suse.com/1188176"
},
{
"category": "self",
"summary": "SUSE Bug 1188267",
"url": "https://bugzilla.suse.com/1188267"
},
{
"category": "self",
"summary": "SUSE Bug 1188268",
"url": "https://bugzilla.suse.com/1188268"
},
{
"category": "self",
"summary": "SUSE Bug 1188269",
"url": "https://bugzilla.suse.com/1188269"
},
{
"category": "self",
"summary": "SUSE Bug 1188405",
"url": "https://bugzilla.suse.com/1188405"
},
{
"category": "self",
"summary": "SUSE Bug 1188525",
"url": "https://bugzilla.suse.com/1188525"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35039 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-08-03T12:46:44Z",
"generator": {
"date": "2021-08-03T12:46:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2599-1",
"initial_release_date": "2021-08-03T12:46:44Z",
"revision_history": [
{
"date": "2021-08-03T12:46:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.3.18-45.3.noarch",
"product": {
"name": "kernel-devel-rt-5.3.18-45.3.noarch",
"product_id": "kernel-devel-rt-5.3.18-45.3.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.3.18-45.3.noarch",
"product": {
"name": "kernel-source-rt-5.3.18-45.3.noarch",
"product_id": "kernel-source-rt-5.3.18-45.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "cluster-md-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "dlm-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "dlm-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "gfs2-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-extra-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-extra-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-extra-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-extra-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.3.18-45.2.x86_64",
"product": {
"name": "kernel-syms-rt-5.3.18-45.2.x86_64",
"product_id": "kernel-syms-rt-5.3.18-45.2.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "kselftests-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "ocfs2-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "reiserfs-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP2",
"product": {
"name": "SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64"
},
"product_reference": "cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64"
},
"product_reference": "dlm-kmp-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64"
},
"product_reference": "gfs2-kmp-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-5.3.18-45.3.noarch as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch"
},
"product_reference": "kernel-devel-rt-5.3.18-45.3.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64"
},
"product_reference": "kernel-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64"
},
"product_reference": "kernel-rt-devel-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64"
},
"product_reference": "kernel-rt_debug-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64"
},
"product_reference": "kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.3.18-45.3.noarch as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch"
},
"product_reference": "kernel-source-rt-5.3.18-45.3.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-5.3.18-45.2.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64"
},
"product_reference": "kernel-syms-rt-5.3.18-45.2.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
},
"product_reference": "ocfs2-kmp-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-03T12:46:44Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-35039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35039"
}
],
"notes": [
{
"category": "general",
"text": "kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35039",
"url": "https://www.suse.com/security/cve/CVE-2021-35039"
},
{
"category": "external",
"summary": "SUSE Bug 1188080 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "external",
"summary": "SUSE Bug 1188126 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-03T12:46:44Z",
"details": "important"
}
],
"title": "CVE-2021-35039"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-03T12:46:44Z",
"details": "important"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-03T12:46:44Z",
"details": "moderate"
}
],
"title": "CVE-2021-3612"
}
]
}
SUSE-SU-2021:2599-2
Vulnerability from csaf_suse - Published: 2021-08-05 08:24 - Updated: 2021-08-05 08:24Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch: The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)
- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2021-35039: Fixed a bug where modules signature verification did not occur if CONFIG_MODULE_SIG is not set, regardless of the value of module.sig_enforce command-line argument. (bnc#1188080)
The following non-security bugs were fixed:
- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: Fix memory leak caused by _CID repair function (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472) Backporting changes: * context changes
- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe() (git-fixes).
- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
- blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (bsc#1180092).
- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).
- blk-mq: insert passthrough request into hctx->dispatch directly (bsc#1180092).
- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).
- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- bpftool: Properly close va_list 'ap' by va_end() on error (bsc#1155518).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clocksource: Retry clock read if long delays detected (git-fixes).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).
- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489) Backporting changes: * context changes
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/amdgpu: Do not query CE and UE errors (bsc#1152472) Backporting changes: * unsigned long -> uint32_t
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472) Backporting changes: * only panel-samsung-s6d16d0.c exists
- drm/msm: Small msm_gem_purge() fix (bsc#1152489) Backporting changes: * context changes * GEM_WARN_ON() -> WARN_ON()
- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489) Backporting changes: * context changes
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call (git-fixes).
- drm/stm: Fix bus_flags handling (bsc#1152472)
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489) Backporting changes: * context changes * vc4_hdmi -> vc4->hdmi
- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).
- fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- fuse: reject internal errno (bsc#1188269).
- futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- HID: do not use down_interruptible() when unbinding devices (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- kABI: restore struct tcpc_config definition (git-fixes).
- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
- mac80211: drop pending frames on stop (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- math: Export mul_u64_u64_div_u64 (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- nvme: fix in-casule data send for chained sgls (git-fixes).
- nvme: introduce nvme_rdma_sgl structure (git-fixes).
- nvme: rerun io_work if req_list is not empty (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).
- serial: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- serial: remove wrong GLOBETROTTER.cis entry (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).
- tcp: Remove superfluous BH-disable around listening_hash (bsc#1188525).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).
- tpm: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).
- tpm: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).
- tpm: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).
- tpm: Reserve locality in tpm_tis_resume() (bsc#1188036).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing: Fix parsing of 'sym-offset' modifier (git-fixes).
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).
- tracing: Simplify and fix saved_tgids logic (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch (bsc#1065729 bsc#1188405 ltc#193509).
- Update patches.suse/Revert-ibmvnic-simplify-reset_long_term_buff-functio.patch (bsc#1186206 ltc#191041 bsc#1188405 ltc#193509).
- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- usb: gadget: eem: fix echo command packet response issue (git-fixes).
- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).
- usb: typec: fusb302: fix 'op-sink-microwatt' default that was in mW (git-fixes).
- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).
- usb: typec: tcpm: Move mod_delayed_work(port->vdm_state_machine) call into tcpm_queue_vdm() (git-fixes).
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).
- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).
- usb: typec: ucsi: Hold con->lock for the entire duration of ucsi_register_port() (git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- UsrMerge the kernel (boo#1184804)
- vfio: Handle concurrent vma faults (git-fixes).
- vfs: Convert functionfs to use the new mount API (git -fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- visorbus: fix error return code in visorchipset_init() (git-fixes).
- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- xhci: solve a double free problem while doing s4 (git-fixes).
Patchnames: SUSE-2021-2599,SUSE-SUSE-MicroOS-5.0-2021-2599
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4 (Medium)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
50 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)\n- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2021-35039: Fixed a bug where modules signature verification did not occur if CONFIG_MODULE_SIG is not set, regardless of the value of module.sig_enforce command-line argument. (bnc#1188080)\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).\n- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).\n- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).\n- ACPI: Fix memory leak caused by _CID repair function (git-fixes).\n- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).\n- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).\n- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).\n- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472) Backporting changes: \t* context changes\n- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in \u0027mtk_btcvsd_snd_probe()\u0027 (git-fixes).\n- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).\n- ath10k: remove unused more_frags variable (git-fixes).\n- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).\n- backlight: lm3630a_bl: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).\n- blk-mq: In blk_mq_dispatch_rq_list() \u0027no budget\u0027 is a reason to kick (bsc#1180092).\n- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).\n- blk-mq: insert passthrough request into hctx-\u003edispatch directly (bsc#1180092).\n- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).\n- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).\n- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- bpftool: Properly close va_list \u0027ap\u0027 by va_end() on error (bsc#1155518).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).\n- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).\n- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).\n- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).\n- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).\n- clk: zynqmp: pll: Remove some dead code (git-fixes).\n- clocksource: Retry clock read if long delays detected (git-fixes).\n- cpufreq: sc520_freq: add \u0027fallthrough\u0027 to one case (git-fixes).\n- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).\n- crypto: ixp4xx - dma_unmap the correct address (git-fixes).\n- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).\n- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).\n- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).\n- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).\n- crypto: qat - remove unused macro in FW loader (git-fixes).\n- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).\n- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).\n- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).\n- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).\n- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).\n- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).\n- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489) Backporting changes: \t* context changes\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm/amdgpu: Do not query CE and UE errors (bsc#1152472) Backporting changes: \t* unsigned long -\u003e uint32_t\n- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472) Backporting changes: \t* only panel-samsung-s6d16d0.c exists\n- drm/msm: Small msm_gem_purge() fix (bsc#1152489) Backporting changes: \t* context changes \t* GEM_WARN_ON() -\u003e WARN_ON()\n- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489) Backporting changes: \t* context changes\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).\n- drm/rockchip: dsi: remove extra component_del() call (git-fixes).\n- drm/stm: Fix bus_flags handling (bsc#1152472)\n- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489) Backporting changes: \t* context changes \t* vc4_hdmi -\u003e vc4-\u003ehdmi\n- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).\n- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fbmem: add margin check to fb_check_caps() (git-fixes).\n- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).\n- fm10k: Fix an error handling path in \u0027fm10k_probe()\u0027 (git-fixes).\n- fpga: machxo2-spi: Address warning about unused variable (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188267).\n- fuse: ignore PG_workingset after stealing (bsc#1188268).\n- fuse: reject internal errno (bsc#1188269).\n- futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).\n- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).\n- gve: Fix an error handling path in \u0027gve_probe()\u0027 (git-fixes).\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- HID: do not use down_interruptible() when unbinding devices (git-fixes).\n- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).\n- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).\n- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).\n- i2c: dev: Add __user annotation (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ibmvnic: Use \u0027skb_frag_address()\u0027 instead of hand coding it (bsc#1184114 ltc#192237).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: adis16400: do not return ints in irq handlers (git-fixes).\n- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).\n- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: si1133: fix format string warnings (git-fixes).\n- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- kABI: restore struct tcpc_config definition (git-fixes).\n- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: lm3532: select regmap I2C API (git-fixes).\n- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).\n- mac80211: drop pending frames on stop (git-fixes).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- math: Export mul_u64_u64_div_u64 (git-fixes).\n- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).\n- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).\n- media: cobalt: fix race condition in setting HPD (git-fixes).\n- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb_net: avoid speculation from net slot (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).\n- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).\n- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: Fix Media Controller API config checks (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).\n- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).\n- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: mtk-vcodec: fix PM runtime get logic (git-fixes).\n- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).\n- media: rc: i2c: Fix an error message (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: siano: fix device register error path (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).\n- media: sti: fix obj-$(config) targets (git-fixes).\n- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: v4l2-async: Fix trivial documentation typo (git-fixes).\n- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).\n- memstick: rtsx_usb_ms: fix UAF (git-fixes).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).\n- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).\n- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- nvme: fix in-casule data send for chained sgls (git-fixes).\n- nvme: introduce nvme_rdma_sgl structure (git-fixes).\n- nvme: rerun io_work if req_list is not empty (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).\n- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).\n- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).\n- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).\n- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).\n- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).\n- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).\n- rpm/kernel-binary.spec.in: Remove zdebug define used only once.\n- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).\n- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).\n- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).\n- serial: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- serial: remove wrong GLOBETROTTER.cis entry (git-fixes).\n- serial: tegra-tcu: Reorder channel initialization (git-fixes).\n- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).\n- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).\n- soundwire: stream: Fix test for DP prepare complete (git-fixes).\n- spi: fspi: dynamically alloc AHB memory (bsc#1188121).\n- spi: Make of_register_spi_device also set the fwnode (git-fixes).\n- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).\n- spi: omap-100k: Fix the length judgment problem (git-fixes).\n- spi: spi-loopback-test: Fix \u0027tx_buf\u0027 might be \u0027rx_buf\u0027 (git-fixes).\n- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).\n- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).\n- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).\n- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).\n- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).\n- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- ssb: Fix error return code in ssb_bus_scan() (git-fixes).\n- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).\n- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).\n- tcp: Remove superfluous BH-disable around listening_hash (bsc#1188525).\n- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).\n- tpm: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).\n- tpm: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).\n- tpm: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).\n- tpm: Reserve locality in tpm_tis_resume() (bsc#1188036).\n- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).\n- tracing: Fix parsing of \u0027sym-offset\u0027 modifier (git-fixes).\n- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).\n- tracing: Simplify and fix saved_tgids logic (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch (bsc#1065729 bsc#1188405 ltc#193509).\n- Update patches.suse/Revert-ibmvnic-simplify-reset_long_term_buff-functio.patch (bsc#1186206 ltc#191041 bsc#1188405 ltc#193509).\n- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).\n- usb: dwc3: Fix debugfs creation flow (git-fixes).\n- usb: gadget: eem: fix echo command packet response issue (git-fixes).\n- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).\n- usb: typec: fusb302: fix \u0027op-sink-microwatt\u0027 default that was in mW (git-fixes).\n- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).\n- usb: typec: tcpm: Move mod_delayed_work(port-\u003evdm_state_machine) call into tcpm_queue_vdm() (git-fixes).\n- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).\n- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).\n- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).\n- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).\n- usb: typec: ucsi: Hold con-\u003elock for the entire duration of ucsi_register_port() (git-fixes).\n- usb: typec: ucsi: Put fwnode in any case during -\u003eprobe() (git-fixes).\n- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).\n- UsrMerge the kernel (boo#1184804)\n- vfio: Handle concurrent vma faults (git-fixes).\n- vfs: Convert functionfs to use the new mount API (git -fixes).\n- video: fbdev: imxfb: Fix an error message (git-fixes).\n- visorbus: fix error return code in visorchipset_init() (git-fixes).\n- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- xhci: solve a double free problem while doing s4 (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2599,SUSE-SUSE-MicroOS-5.0-2021-2599",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2599-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2599-2",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212599-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2599-2",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009260.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1152472",
"url": "https://bugzilla.suse.com/1152472"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1155518",
"url": "https://bugzilla.suse.com/1155518"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1179243",
"url": "https://bugzilla.suse.com/1179243"
},
{
"category": "self",
"summary": "SUSE Bug 1180092",
"url": "https://bugzilla.suse.com/1180092"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1184804",
"url": "https://bugzilla.suse.com/1184804"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1186206",
"url": "https://bugzilla.suse.com/1186206"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1188036",
"url": "https://bugzilla.suse.com/1188036"
},
{
"category": "self",
"summary": "SUSE Bug 1188080",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "self",
"summary": "SUSE Bug 1188116",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "self",
"summary": "SUSE Bug 1188121",
"url": "https://bugzilla.suse.com/1188121"
},
{
"category": "self",
"summary": "SUSE Bug 1188176",
"url": "https://bugzilla.suse.com/1188176"
},
{
"category": "self",
"summary": "SUSE Bug 1188267",
"url": "https://bugzilla.suse.com/1188267"
},
{
"category": "self",
"summary": "SUSE Bug 1188268",
"url": "https://bugzilla.suse.com/1188268"
},
{
"category": "self",
"summary": "SUSE Bug 1188269",
"url": "https://bugzilla.suse.com/1188269"
},
{
"category": "self",
"summary": "SUSE Bug 1188405",
"url": "https://bugzilla.suse.com/1188405"
},
{
"category": "self",
"summary": "SUSE Bug 1188525",
"url": "https://bugzilla.suse.com/1188525"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35039 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-08-05T08:24:13Z",
"generator": {
"date": "2021-08-05T08:24:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2599-2",
"initial_release_date": "2021-08-05T08:24:13Z",
"revision_history": [
{
"date": "2021-08-05T08:24:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.3.18-45.3.noarch",
"product": {
"name": "kernel-devel-rt-5.3.18-45.3.noarch",
"product_id": "kernel-devel-rt-5.3.18-45.3.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.3.18-45.3.noarch",
"product": {
"name": "kernel-source-rt-5.3.18-45.3.noarch",
"product_id": "kernel-source-rt-5.3.18-45.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "cluster-md-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "dlm-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "dlm-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "gfs2-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-extra-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-extra-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-extra-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-extra-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.3.18-45.2.x86_64",
"product": {
"name": "kernel-syms-rt-5.3.18-45.2.x86_64",
"product_id": "kernel-syms-rt-5.3.18-45.2.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "kselftests-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "ocfs2-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "reiserfs-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.0",
"product": {
"name": "SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-45.3.x86_64 as component of SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
},
"product_reference": "kernel-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-05T08:24:13Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-35039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35039"
}
],
"notes": [
{
"category": "general",
"text": "kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35039",
"url": "https://www.suse.com/security/cve/CVE-2021-35039"
},
{
"category": "external",
"summary": "SUSE Bug 1188080 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "external",
"summary": "SUSE Bug 1188126 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-05T08:24:13Z",
"details": "important"
}
],
"title": "CVE-2021-35039"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-05T08:24:13Z",
"details": "important"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-05T08:24:13Z",
"details": "moderate"
}
],
"title": "CVE-2021-3612"
}
]
}
SUSE-SU-2021:2643-1
Vulnerability from csaf_suse - Published: 2021-08-10 08:03 - Updated: 2021-08-10 08:03Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch: The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).
- CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).
- CVE-2020-0429: In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. (bsc#1176724).
- CVE-2020-36386: Fixed a slab out-of-bounds read in hci_extended_inquiry_result_evt (bsc#1187038).
- CVE-2021-22543: Fixed an improper handling of VM_IO|VM_PFNMAP vmas in KVM that allows users to start and control a VM to read/write random pages of memory and can result in local privilege escalation. (bnc#1186482)
- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to obtain full root privileges. (bsc#1188062)
- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)
- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation. (bsc#1187050)
The following non-security bugs were fixed:
- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).
- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).
- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).
- ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).
- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).
- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).
- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).
- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).
- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).
- HID: hid-sensor-hub: Return error for hid_set_field() failure (git-fixes).
- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).
- PCI: Add ACS quirk for Broadcom BCM57414 NIC (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: Mark TI C667X to avoid bus reset (git-fixes).
- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).
- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).
- PCI: quirks: fix false kABI positive (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'PCI: PM: Do not read power state in pci_enable_device_flags()' (git-fixes).
- Revert 'USB: cdc-acm: fix rounding error in TIOCSSERIAL' (git-fixes).
- Revert 'hwmon: (lm80) fix a missing check of bus read in lm80 probe' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).
- USB: move many drivers to use DEVICE_ATTR_WO (git-fixes).
- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).
- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).
- USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).
- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).
- arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (git-fixes).
- arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- can: ems_usb: fix memory leak (git-fixes).
- can: esd_usb2: fix memory leak (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: mcba_usb_start(): add missing urb->transfer_dma initialization (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).
- can: sja1000: sja1000_err(): do not count arbitration lose as an error (git-fixes).
- can: sun4i_can: sun4i_can_err(): do not count arbitration lose as an error (git-fixes).
- can: ti_hecc: Fix memleak in ti_hecc_probe (git-fixes).
- can: usb_8dev: fix memory leak (git-fixes).
- ceph: do not WARN if we're still opening a session to an MDS (bsc#1188750).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- cifs: Fix preauth hash corruption (git-fixes).
- cifs: Return correct error code from smb2_get_enc_key (git-fixes).
- cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath (git-fixes).
- cifs: fix interrupted close commands (git-fixes).
- cifs: fix memory leak in smb2_copychunk_range (git-fixes).
- cosa: Add missing kfree in error path of cosa_write (git-fixes).
- crypto: cavium/nitrox - Fix an error rhandling path in 'nitrox_probe()' (git-fixes).
- crypto: do not free algorithm before using (git-fixes).
- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).
- cxgb4: fix wrong shift (git-fixes).
- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).
- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/virtio: Fix double free on probe failure (git-fixes).
- drm: Return -ENOTTY for non-drm ioctls (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- e100: handle eeprom as little endian (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188273).
- fuse: reject internal errno (bsc#1188274).
- genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)
- genirq: Disable interrupts for force threaded handlers (git-fixes)
- genirq: Fix reference leaks on irq affinity notifiers (git-fixes)
- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (git-fixes)
- gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).
- gve: Add DQO fields for core data structures (bsc#1176940).
- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).
- gve: Add NULL pointer checks when freeing irqs (bsc#1176940).
- gve: Add basic driver framework for Compute Engine Virtual NIC (jsc#SLE-10538).
- gve: Add dqo descriptors (bsc#1176940).
- gve: Add ethtool support (jsc#SLE-10538).
- gve: Add stats for gve (bsc#1176940).
- gve: Add support for DQO RX PTYPE map (bsc#1176940).
- gve: Add support for raw addressing device option (bsc#1176940).
- gve: Add support for raw addressing in the tx path (bsc#1176940).
- gve: Add support for raw addressing to the rx path (bsc#1176940).
- gve: Add workqueue and reset support (jsc#SLE-10538).
- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).
- gve: Check TX QPL was actually assigned (bsc#1176940).
- gve: Copy and paste bug in gve_get_stats() (jsc#SLE-10538).
- gve: Correct SKB queue index validation (bsc#1176940).
- gve: DQO: Add RX path (bsc#1176940).
- gve: DQO: Add TX path (bsc#1176940).
- gve: DQO: Add core netdev features (bsc#1176940).
- gve: DQO: Add ring allocation and initialization (bsc#1176940).
- gve: DQO: Configure interrupts on device up (bsc#1176940).
- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).
- gve: DQO: Remove incorrect prefetch (bsc#1176940).
- gve: Enable Link Speed Reporting in the driver (bsc#1176940).
- gve: Fix an error handling path in 'gve_probe()' (bsc#1176940).
- gve: Fix case where desc_cnt and data_cnt can get out of sync (jsc#SLE-10538).
- gve: Fix error return code in gve_alloc_qpls() (jsc#SLE-10538).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- gve: Fix the queue page list allocated pages count (bsc#1176940).
- gve: Fix u64_stats_sync to initialize start (jsc#SLE-10538).
- gve: Fix warnings reported for DQO patchset (bsc#1176940).
- gve: Fixes DMA synchronization (jsc#SLE-10538).
- gve: Get and set Rx copybreak via ethtool (bsc#1176940).
- gve: Introduce a new model for device options (bsc#1176940).
- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).
- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).
- gve: Move some static functions to a common file (bsc#1176940).
- gve: NIC stats for report-stats and for ethtool (bsc#1176940).
- gve: Propagate error codes to caller (bsc#1176940).
- gve: Remove the exporting of gve_probe (jsc#SLE-10538).
- gve: Replace zero-length array with flexible-array member (bsc#1176940).
- gve: Rx Buffer Recycling (bsc#1176940).
- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).
- gve: Update adminq commands to support DQO queues (bsc#1176940).
- gve: Update mgmt_msix_idx if num_ntfy changes (bsc#1176940).
- gve: Upgrade memory barrier in poll routine (bsc#1176940).
- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).
- gve: Use link status register to report link status (bsc#1176940).
- gve: adminq: DQO specific device descriptor logic (bsc#1176940).
- gve: fix -ENOMEM null check on a page allocation (jsc#SLE-10538).
- gve: fix dma sync bug where not all pages synced (bsc#1176940).
- gve: fix unused variable/label warnings (jsc#SLE-10538).
- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).
- gve: replace kfree with kvfree (jsc#SLE-10538).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma180: Use explicit member assignment (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).
- kabi: fix nvme_wait_freeze_timeout() return type (bsc#1181161).
- kfifo: DECLARE_KIFO_PTR(fifo, u64) does not work on arm 32 bit (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: trigger: fix potential deadlock with libata (git-fixes).
- lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- lpfc: Decouple port_template and vport_template (bsc#1185032).
- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] (git-fixes).
- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).
- mlxsw: core: Use variable timeout for EMAD retries (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- net/mlx5: Disable QoS when min_rates on all VFs are zero (git-fixes).
- net/mlx5: Query PPS pin operational status before registering it (git-fixes).
- net/mlx5: Verify Hardware supports requested ptp function on a given pin (git-fixes).
- net: Google gve: Remove dma_wmb() before ringing doorbell (bsc#1176940).
- net: b44: fix error return code in b44_init_one() (git-fixes).
- net: broadcom CNIC: requires MMU (git-fixes).
- net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (git-fixes).
- net: gve: convert strlcpy to strscpy (bsc#1176940).
- net: gve: remove duplicated allowed (bsc#1176940).
- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
- netsec: restore phy power state after controller reset (git-fixes).
- nfc: nfcsim: fix use after free during module unload (git-fixes).
- nvme-core: add cancel tagset helpers (bsc#1181161).
- nvme-multipath: fix double initialization of ANA state (bsc#1181161).
- nvme-rdma: add clean action for failed reconnection (bsc#1181161).
- nvme-rdma: fix reset hang if controller died in the middle of a reset (bsc#1181161).
- nvme-rdma: use cancel tagset helper for tear down (bsc#1181161).
- nvme: have nvme_wait_freeze_timeout return if it timed out (bsc#1181161).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- nvmet: use new ana_log_size instead the old one (bsc#1181161).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: ab8500: Avoid NULL pointers (git-fixes).
- power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes).
- powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722).
- powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722).
- powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes).
- powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries/scm: Use a specific endian format for storing uuid from the device tree (bsc#1113295, git-fixes).
- powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722).
- powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722).
- powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722).
- powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722).
- powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722).
- powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722).
- powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722).
- powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722).
- powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722).
- pwm: spear: Do not modify HW state in .remove callback (git-fixes).
- qlcnic: fix error return code in qlcnic_83xx_restart_hw() (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).
- rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes).
- sched/cpufreq/schedutil: Fix error path mutex unlock (git-fixes)
- sched/fair: Do not assign runtime for throttled cfs_rq (git-fixes)
- sched/fair: Fix unfairness caused by missing load decay (git-fixes)
- sched/numa: Fix a possible divide-by-zero (git-fixes)
- scripts/git_sort/git_sort.py: add bpf git repo
- scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).
- scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (bsc#1185995).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- scsi: smartpqi: create module parameters for LUN reset (bsc#1179195).
- serial: mvebu-uart: clarify the baud rate derivation (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- smb3: Fix out-of-bounds bug in SMB2_negotiate() (git-fixes).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: mediatek: fix fifo rx mode (git-fixes).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- tracing: Do not reference char * as a string in histograms (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes).
- tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes).
- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes).
- usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes).
- usb: max-3421: Prevent corruption of freed memory (git-fixes).
- usb: move many drivers to use DEVICE_ATTR_WO (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usbip: Fix incorrect double assignment to udc->ud.tcp_rx (git-fixes).
- usbip: fix vudc usbip_sockfd_store races leading to gpf (git-fixes).
- usbip: vudc synchronize sysfs code paths (git-fixes).
- usbip: vudc: fix missing unlock on error in usbip_sockfd_store() (git-fixes).
- uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes).
- virtio_console: Assure used length from device is limited (git-fixes).
- w1: ds2438: fixing bug that would always get page0 (git-fixes).
- watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes).
- watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).
- watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).
- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).
- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).
- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).
- workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).
- x86/debug: Extend the lower bound of crash kernel low reservations (bsc#1153720).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- xen-pciback: reconfigure also from backend watch handler (git-fixes).
- xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).
- xhci: Fix lost USB 2 remote wake (git-fixes).
Patchnames: SUSE-2021-2643,SUSE-SLE-RT-12-SP5-2021-2643
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.4 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.4 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
102 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).\n- CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).\n- CVE-2020-0429: In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. (bsc#1176724).\n- CVE-2020-36386: Fixed a slab out-of-bounds read in hci_extended_inquiry_result_evt (bsc#1187038).\n- CVE-2021-22543: Fixed an improper handling of VM_IO|VM_PFNMAP vmas in KVM that allows users to start and control a VM to read/write random pages of memory and can result in local privilege escalation. (bnc#1186482)\n- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to obtain full root privileges. (bsc#1188062)\n- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)\n- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation. (bsc#1187050)\n\nThe following non-security bugs were fixed:\n\n- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).\n- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).\n- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).\n- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).\n- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).\n- ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).\n- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).\n- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).\n- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).\n- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).\n- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).\n- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).\n- HID: hid-sensor-hub: Return error for hid_set_field() failure (git-fixes).\n- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).\n- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).\n- PCI: Add ACS quirk for Broadcom BCM57414 NIC (git-fixes).\n- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).\n- PCI: Mark TI C667X to avoid bus reset (git-fixes).\n- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).\n- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).\n- PCI: quirks: fix false kABI positive (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027PCI: PM: Do not read power state in pci_enable_device_flags()\u0027 (git-fixes).\n- Revert \u0027USB: cdc-acm: fix rounding error in TIOCSSERIAL\u0027 (git-fixes).\n- Revert \u0027hwmon: (lm80) fix a missing check of bus read in lm80 probe\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).\n- USB: move many drivers to use DEVICE_ATTR_WO (git-fixes).\n- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).\n- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).\n- USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).\n- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).\n- arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (git-fixes).\n- arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (git-fixes).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- can: ems_usb: fix memory leak (git-fixes).\n- can: esd_usb2: fix memory leak (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: mcba_usb_start(): add missing urb-\u003etransfer_dma initialization (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).\n- can: sja1000: sja1000_err(): do not count arbitration lose as an error (git-fixes).\n- can: sun4i_can: sun4i_can_err(): do not count arbitration lose as an error (git-fixes).\n- can: ti_hecc: Fix memleak in ti_hecc_probe (git-fixes).\n- can: usb_8dev: fix memory leak (git-fixes).\n- ceph: do not WARN if we\u0027re still opening a session to an MDS (bsc#1188750).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- cifs: Fix preauth hash corruption (git-fixes).\n- cifs: Return correct error code from smb2_get_enc_key (git-fixes).\n- cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb-\u003eprepath (git-fixes).\n- cifs: fix interrupted close commands (git-fixes).\n- cifs: fix memory leak in smb2_copychunk_range (git-fixes).\n- cosa: Add missing kfree in error path of cosa_write (git-fixes).\n- crypto: cavium/nitrox - Fix an error rhandling path in \u0027nitrox_probe()\u0027 (git-fixes).\n- crypto: do not free algorithm before using (git-fixes).\n- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).\n- cxgb4: fix wrong shift (git-fixes).\n- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).\n- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).\n- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- drm/virtio: Fix double free on probe failure (git-fixes).\n- drm: Return -ENOTTY for non-drm ioctls (git-fixes).\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- e100: handle eeprom as little endian (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188273).\n- fuse: reject internal errno (bsc#1188274).\n- genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)\n- genirq: Disable interrupts for force threaded handlers (git-fixes)\n- genirq: Fix reference leaks on irq affinity notifiers (git-fixes)\n- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (git-fixes)\n- gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).\n- gve: Add DQO fields for core data structures (bsc#1176940).\n- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).\n- gve: Add NULL pointer checks when freeing irqs (bsc#1176940).\n- gve: Add basic driver framework for Compute Engine Virtual NIC (jsc#SLE-10538).\n- gve: Add dqo descriptors (bsc#1176940).\n- gve: Add ethtool support (jsc#SLE-10538).\n- gve: Add stats for gve (bsc#1176940).\n- gve: Add support for DQO RX PTYPE map (bsc#1176940).\n- gve: Add support for raw addressing device option (bsc#1176940).\n- gve: Add support for raw addressing in the tx path (bsc#1176940).\n- gve: Add support for raw addressing to the rx path (bsc#1176940).\n- gve: Add workqueue and reset support (jsc#SLE-10538).\n- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).\n- gve: Check TX QPL was actually assigned (bsc#1176940).\n- gve: Copy and paste bug in gve_get_stats() (jsc#SLE-10538).\n- gve: Correct SKB queue index validation (bsc#1176940).\n- gve: DQO: Add RX path (bsc#1176940).\n- gve: DQO: Add TX path (bsc#1176940).\n- gve: DQO: Add core netdev features (bsc#1176940).\n- gve: DQO: Add ring allocation and initialization (bsc#1176940).\n- gve: DQO: Configure interrupts on device up (bsc#1176940).\n- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).\n- gve: DQO: Remove incorrect prefetch (bsc#1176940).\n- gve: Enable Link Speed Reporting in the driver (bsc#1176940).\n- gve: Fix an error handling path in \u0027gve_probe()\u0027 (bsc#1176940).\n- gve: Fix case where desc_cnt and data_cnt can get out of sync (jsc#SLE-10538).\n- gve: Fix error return code in gve_alloc_qpls() (jsc#SLE-10538).\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- gve: Fix the queue page list allocated pages count (bsc#1176940).\n- gve: Fix u64_stats_sync to initialize start (jsc#SLE-10538).\n- gve: Fix warnings reported for DQO patchset (bsc#1176940).\n- gve: Fixes DMA synchronization (jsc#SLE-10538).\n- gve: Get and set Rx copybreak via ethtool (bsc#1176940).\n- gve: Introduce a new model for device options (bsc#1176940).\n- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).\n- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).\n- gve: Move some static functions to a common file (bsc#1176940).\n- gve: NIC stats for report-stats and for ethtool (bsc#1176940).\n- gve: Propagate error codes to caller (bsc#1176940).\n- gve: Remove the exporting of gve_probe (jsc#SLE-10538).\n- gve: Replace zero-length array with flexible-array member (bsc#1176940).\n- gve: Rx Buffer Recycling (bsc#1176940).\n- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).\n- gve: Update adminq commands to support DQO queues (bsc#1176940).\n- gve: Update mgmt_msix_idx if num_ntfy changes (bsc#1176940).\n- gve: Upgrade memory barrier in poll routine (bsc#1176940).\n- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).\n- gve: Use link status register to report link status (bsc#1176940).\n- gve: adminq: DQO specific device descriptor logic (bsc#1176940).\n- gve: fix -ENOMEM null check on a page allocation (jsc#SLE-10538).\n- gve: fix dma sync bug where not all pages synced (bsc#1176940).\n- gve: fix unused variable/label warnings (jsc#SLE-10538).\n- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).\n- gve: replace kfree with kvfree (jsc#SLE-10538).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma180: Use explicit member assignment (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).\n- kabi: fix nvme_wait_freeze_timeout() return type (bsc#1181161).\n- kfifo: DECLARE_KIFO_PTR(fifo, u64) does not work on arm 32 bit (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: trigger: fix potential deadlock with libata (git-fixes).\n- lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- lpfc: Decouple port_template and vport_template (bsc#1185032).\n- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).\n- media: cobalt: fix race condition in setting HPD (git-fixes).\n- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: dvb_net: avoid speculation from net slot (git-fixes).\n- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).\n- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes).\n- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: siano: fix device register error path (git-fixes).\n- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).\n- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] (git-fixes).\n- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).\n- mlxsw: core: Use variable timeout for EMAD retries (git-fixes).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- net/mlx5: Disable QoS when min_rates on all VFs are zero (git-fixes).\n- net/mlx5: Query PPS pin operational status before registering it (git-fixes).\n- net/mlx5: Verify Hardware supports requested ptp function on a given pin (git-fixes).\n- net: Google gve: Remove dma_wmb() before ringing doorbell (bsc#1176940).\n- net: b44: fix error return code in b44_init_one() (git-fixes).\n- net: broadcom CNIC: requires MMU (git-fixes).\n- net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (git-fixes).\n- net: gve: convert strlcpy to strscpy (bsc#1176940).\n- net: gve: remove duplicated allowed (bsc#1176940).\n- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).\n- netsec: restore phy power state after controller reset (git-fixes).\n- nfc: nfcsim: fix use after free during module unload (git-fixes).\n- nvme-core: add cancel tagset helpers (bsc#1181161).\n- nvme-multipath: fix double initialization of ANA state (bsc#1181161).\n- nvme-rdma: add clean action for failed reconnection (bsc#1181161).\n- nvme-rdma: fix reset hang if controller died in the middle of a reset (bsc#1181161).\n- nvme-rdma: use cancel tagset helper for tear down (bsc#1181161).\n- nvme: have nvme_wait_freeze_timeout return if it timed out (bsc#1181161).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- nvmet: use new ana_log_size instead the old one (bsc#1181161).\n- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).\n- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: ab8500: Avoid NULL pointers (git-fixes).\n- power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes).\n- powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722).\n- powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722).\n- powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes).\n- powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).\n- powerpc/pseries/scm: Use a specific endian format for storing uuid from the device tree (bsc#1113295, git-fixes).\n- powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).\n- powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722).\n- powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722).\n- powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722).\n- powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722).\n- powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722).\n- powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722).\n- powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722).\n- powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722).\n- powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722).\n- pwm: spear: Do not modify HW state in .remove callback (git-fixes).\n- qlcnic: fix error return code in qlcnic_83xx_restart_hw() (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).\n- rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes).\n- sched/cpufreq/schedutil: Fix error path mutex unlock (git-fixes)\n- sched/fair: Do not assign runtime for throttled cfs_rq (git-fixes)\n- sched/fair: Fix unfairness caused by missing load decay (git-fixes)\n- sched/numa: Fix a possible divide-by-zero (git-fixes)\n- scripts/git_sort/git_sort.py: add bpf git repo\n- scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).\n- scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (bsc#1185995).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- scsi: smartpqi: create module parameters for LUN reset (bsc#1179195).\n- serial: mvebu-uart: clarify the baud rate derivation (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- smb3: Fix out-of-bounds bug in SMB2_negotiate() (git-fixes).\n- spi: Make of_register_spi_device also set the fwnode (git-fixes).\n- spi: mediatek: fix fifo rx mode (git-fixes).\n- spi: omap-100k: Fix the length judgment problem (git-fixes).\n- spi: spi-loopback-test: Fix \u0027tx_buf\u0027 might be \u0027rx_buf\u0027 (git-fixes).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- tracing: Do not reference char * as a string in histograms (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes).\n- tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes).\n- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes).\n- usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes).\n- usb: max-3421: Prevent corruption of freed memory (git-fixes).\n- usb: move many drivers to use DEVICE_ATTR_WO (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- usbip: Fix incorrect double assignment to udc-\u003eud.tcp_rx (git-fixes).\n- usbip: fix vudc usbip_sockfd_store races leading to gpf (git-fixes).\n- usbip: vudc synchronize sysfs code paths (git-fixes).\n- usbip: vudc: fix missing unlock on error in usbip_sockfd_store() (git-fixes).\n- uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes).\n- virtio_console: Assure used length from device is limited (git-fixes).\n- w1: ds2438: fixing bug that would always get page0 (git-fixes).\n- watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes).\n- watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).\n- watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).\n- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).\n- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).\n- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).\n- workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).\n- x86/debug: Extend the lower bound of crash kernel low reservations (bsc#1153720).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- xen-pciback: reconfigure also from backend watch handler (git-fixes).\n- xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).\n- xhci: Fix lost USB 2 remote wake (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2643,SUSE-SLE-RT-12-SP5-2021-2643",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2643-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2643-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212643-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2643-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009279.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1113295",
"url": "https://bugzilla.suse.com/1113295"
},
{
"category": "self",
"summary": "SUSE Bug 1153720",
"url": "https://bugzilla.suse.com/1153720"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1176724",
"url": "https://bugzilla.suse.com/1176724"
},
{
"category": "self",
"summary": "SUSE Bug 1176931",
"url": "https://bugzilla.suse.com/1176931"
},
{
"category": "self",
"summary": "SUSE Bug 1176940",
"url": "https://bugzilla.suse.com/1176940"
},
{
"category": "self",
"summary": "SUSE Bug 1179195",
"url": "https://bugzilla.suse.com/1179195"
},
{
"category": "self",
"summary": "SUSE Bug 1181161",
"url": "https://bugzilla.suse.com/1181161"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1184350",
"url": "https://bugzilla.suse.com/1184350"
},
{
"category": "self",
"summary": "SUSE Bug 1184804",
"url": "https://bugzilla.suse.com/1184804"
},
{
"category": "self",
"summary": "SUSE Bug 1185032",
"url": "https://bugzilla.suse.com/1185032"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185377",
"url": "https://bugzilla.suse.com/1185377"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1185995",
"url": "https://bugzilla.suse.com/1185995"
},
{
"category": "self",
"summary": "SUSE Bug 1186206",
"url": "https://bugzilla.suse.com/1186206"
},
{
"category": "self",
"summary": "SUSE Bug 1186482",
"url": "https://bugzilla.suse.com/1186482"
},
{
"category": "self",
"summary": "SUSE Bug 1186672",
"url": "https://bugzilla.suse.com/1186672"
},
{
"category": "self",
"summary": "SUSE Bug 1187038",
"url": "https://bugzilla.suse.com/1187038"
},
{
"category": "self",
"summary": "SUSE Bug 1187050",
"url": "https://bugzilla.suse.com/1187050"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187476",
"url": "https://bugzilla.suse.com/1187476"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1187846",
"url": "https://bugzilla.suse.com/1187846"
},
{
"category": "self",
"summary": "SUSE Bug 1188026",
"url": "https://bugzilla.suse.com/1188026"
},
{
"category": "self",
"summary": "SUSE Bug 1188062",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "self",
"summary": "SUSE Bug 1188101",
"url": "https://bugzilla.suse.com/1188101"
},
{
"category": "self",
"summary": "SUSE Bug 1188116",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "self",
"summary": "SUSE Bug 1188273",
"url": "https://bugzilla.suse.com/1188273"
},
{
"category": "self",
"summary": "SUSE Bug 1188274",
"url": "https://bugzilla.suse.com/1188274"
},
{
"category": "self",
"summary": "SUSE Bug 1188405",
"url": "https://bugzilla.suse.com/1188405"
},
{
"category": "self",
"summary": "SUSE Bug 1188620",
"url": "https://bugzilla.suse.com/1188620"
},
{
"category": "self",
"summary": "SUSE Bug 1188750",
"url": "https://bugzilla.suse.com/1188750"
},
{
"category": "self",
"summary": "SUSE Bug 1188838",
"url": "https://bugzilla.suse.com/1188838"
},
{
"category": "self",
"summary": "SUSE Bug 1188842",
"url": "https://bugzilla.suse.com/1188842"
},
{
"category": "self",
"summary": "SUSE Bug 1188876",
"url": "https://bugzilla.suse.com/1188876"
},
{
"category": "self",
"summary": "SUSE Bug 1188885",
"url": "https://bugzilla.suse.com/1188885"
},
{
"category": "self",
"summary": "SUSE Bug 1188973",
"url": "https://bugzilla.suse.com/1188973"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0429 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36385 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36386 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36386/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22543 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33909 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3659 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-37576 page",
"url": "https://www.suse.com/security/cve/CVE-2021-37576/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-08-10T08:03:06Z",
"generator": {
"date": "2021-08-10T08:03:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2643-1",
"initial_release_date": "2021-08-10T08:03:06Z",
"revision_history": [
{
"date": "2021-08-10T08:03:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.12.14-10.54.1.noarch",
"product": {
"name": "kernel-devel-rt-4.12.14-10.54.1.noarch",
"product_id": "kernel-devel-rt-4.12.14-10.54.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.12.14-10.54.1.noarch",
"product": {
"name": "kernel-source-rt-4.12.14-10.54.1.noarch",
"product_id": "kernel-source-rt-4.12.14-10.54.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"product_id": "cluster-md-kmp-rt-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"product": {
"name": "dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"product_id": "dlm-kmp-rt-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product_id": "dlm-kmp-rt_debug-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"product_id": "gfs2-kmp-rt-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt-base-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt-base-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt-devel-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt-devel-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt-extra-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt-extra-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-kgraft-devel-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt-kgraft-devel-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt-kgraft-devel-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt_debug-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt_debug-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-base-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt_debug-base-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt_debug-base-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt_debug-devel-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt_debug-extra-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt_debug-kgraft-devel-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-syms-rt-4.12.14-10.54.1.x86_64",
"product_id": "kernel-syms-rt-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-4.12.14-10.54.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-4.12.14-10.54.1.x86_64",
"product_id": "kselftests-kmp-rt-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"product_id": "ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-4.12.14-10.54.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64"
},
"product_reference": "dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.12.14-10.54.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch"
},
"product_reference": "kernel-devel-rt-4.12.14-10.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64"
},
"product_reference": "kernel-rt-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64"
},
"product_reference": "kernel-rt-base-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64"
},
"product_reference": "kernel-rt-devel-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64"
},
"product_reference": "kernel-rt_debug-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.12.14-10.54.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch"
},
"product_reference": "kernel-source-rt-4.12.14-10.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64"
},
"product_reference": "kernel-syms-rt-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-0429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0429"
}
],
"notes": [
{
"category": "general",
"text": "In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-152735806",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0429",
"url": "https://www.suse.com/security/cve/CVE-2020-0429"
},
{
"category": "external",
"summary": "SUSE Bug 1176724 for CVE-2020-0429",
"url": "https://bugzilla.suse.com/1176724"
},
{
"category": "external",
"summary": "SUSE Bug 1176931 for CVE-2020-0429",
"url": "https://bugzilla.suse.com/1176931"
},
{
"category": "external",
"summary": "SUSE Bug 1188026 for CVE-2020-0429",
"url": "https://bugzilla.suse.com/1188026"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "important"
}
],
"title": "CVE-2020-0429"
},
{
"cve": "CVE-2020-36385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36385"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36385",
"url": "https://www.suse.com/security/cve/CVE-2020-36385"
},
{
"category": "external",
"summary": "SUSE Bug 1187050 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187050"
},
{
"category": "external",
"summary": "SUSE Bug 1187052 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187052"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1196174 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196174"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196810"
},
{
"category": "external",
"summary": "SUSE Bug 1196914 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196914"
},
{
"category": "external",
"summary": "SUSE Bug 1200084 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1200084"
},
{
"category": "external",
"summary": "SUSE Bug 1201734 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1201734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "important"
}
],
"title": "CVE-2020-36385"
},
{
"cve": "CVE-2020-36386",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36386"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36386",
"url": "https://www.suse.com/security/cve/CVE-2020-36386"
},
{
"category": "external",
"summary": "SUSE Bug 1187038 for CVE-2020-36386",
"url": "https://bugzilla.suse.com/1187038"
},
{
"category": "external",
"summary": "SUSE Bug 1192868 for CVE-2020-36386",
"url": "https://bugzilla.suse.com/1192868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "moderate"
}
],
"title": "CVE-2020-36386"
},
{
"cve": "CVE-2021-22543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22543"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22543",
"url": "https://www.suse.com/security/cve/CVE-2021-22543"
},
{
"category": "external",
"summary": "SUSE Bug 1186482 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1186482"
},
{
"category": "external",
"summary": "SUSE Bug 1186483 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1186483"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1197660 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1197660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "important"
}
],
"title": "CVE-2021-22543"
},
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-33909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33909"
}
],
"notes": [
{
"category": "general",
"text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33909",
"url": "https://www.suse.com/security/cve/CVE-2021-33909"
},
{
"category": "external",
"summary": "SUSE Bug 1188062 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "external",
"summary": "SUSE Bug 1188063 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188063"
},
{
"category": "external",
"summary": "SUSE Bug 1188257 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188257"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1190859 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1190859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "important"
}
],
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "important"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "moderate"
}
],
"title": "CVE-2021-3612"
},
{
"cve": "CVE-2021-3659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3659"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference flaw was found in the Linux kernel\u0027s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3659",
"url": "https://www.suse.com/security/cve/CVE-2021-3659"
},
{
"category": "external",
"summary": "SUSE Bug 1188876 for CVE-2021-3659",
"url": "https://bugzilla.suse.com/1188876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "moderate"
}
],
"title": "CVE-2021-3659"
},
{
"cve": "CVE-2021-37576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-37576"
}
],
"notes": [
{
"category": "general",
"text": "arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-37576",
"url": "https://www.suse.com/security/cve/CVE-2021-37576"
},
{
"category": "external",
"summary": "SUSE Bug 1188838 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1188838"
},
{
"category": "external",
"summary": "SUSE Bug 1188842 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1188842"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1190276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "important"
}
],
"title": "CVE-2021-37576"
}
]
}
WID-SEC-W-2022-0609
Vulnerability from csaf_certbund - Published: 2021-07-07 22:00 - Updated: 2025-10-12 22:00Summary
Linux Kernel: Schwachstelle ermöglicht Erlangen von Systemrechten
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff: Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um Systemrechte zu erlangen und einen Denial of Service Zustand herzustellen.
Betroffene Betriebssysteme: - Linux
- UNIX
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
NetApp FAS
NetApp
|
cpe:/h:netapp:fas:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel <5.12
Open Source / Linux Kernel
|
<5.12 | ||
|
Avaya Web License Manager
Avaya
|
cpe:/a:avaya:web_license_manager:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
References
67 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um Systemrechte zu erlangen und einen Denial of Service Zustand herzustellen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0609 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0609.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0609 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0609"
},
{
"category": "external",
"summary": "Github Linux Kernel vom 2021-07-07",
"url": "https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528"
},
{
"category": "external",
"summary": "Red Hat Bugzilla - Bug 1980101 vom 2021-07-07",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980101"
},
{
"category": "external",
"summary": "Security Research CVE-2021-22555 vom 2021-07-16",
"url": "https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2407-1 vom 2021-07-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009167.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2408-1 vom 2021-07-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009160.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2406-1 vom 2021-07-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009166.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2416-1 vom 2021-07-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009169.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2415-1 vom 2021-07-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009170.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2409-1 vom 2021-07-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009164.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2421-1 vom 2021-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009183.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2427-1 vom 2021-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009190.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2422-1 vom 2021-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009191.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2438-1 vom 2021-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009194.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2451-1 vom 2021-07-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009203.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2487-1 vom 2021-07-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009222.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2538-1 vom 2021-07-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009221.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2542-1 vom 2021-07-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009226.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2560-1 vom 2021-07-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009230.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2559-1 vom 2021-07-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009233.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2577-1 vom 2021-07-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009234.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2584-1 vom 2021-08-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009239.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-9395 vom 2021-08-04",
"url": "http://linux.oracle.com/errata/ELSA-2021-9395.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2599-1 vom 2021-08-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009244.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2599-2 vom 2021-08-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009260.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20210805-0010 vom 2021-08-05",
"url": "https://security.netapp.com/advisory/ntap-20210805-0010/"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2021-0025 vom 2021-08-09",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2021-August/001026.html"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2021-0025 vom 2021-08-09",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2021-August/001027.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3044 vom 2021-08-10",
"url": "https://access.redhat.com/errata/RHSA-2021:3044"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2643-1 vom 2021-08-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009279.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3057 vom 2021-08-10",
"url": "https://access.redhat.com/errata/RHSA-2021:3057"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3088 vom 2021-08-10",
"url": "https://access.redhat.com/errata/RHSA-2021:3088"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-3057 vom 2021-08-12",
"url": "http://linux.oracle.com/errata/ELSA-2021-3057.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5039-1 vom 2021-08-13",
"url": "https://ubuntu.com/security/notices/USN-5039-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice LSN-0080-1 vom 2021-08-16",
"url": "https://ubuntu.com/security/notices/LSN-0080-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3173 vom 2021-08-17",
"url": "https://access.redhat.com/errata/RHSA-2021:3173"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3181 vom 2021-08-17",
"url": "https://access.redhat.com/errata/RHSA-2021:3181"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3235 vom 2021-08-20",
"url": "https://access.redhat.com/errata/RHSA-2021:3235"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2021-108 vom 2021-08-25",
"url": "https://downloads.avaya.com/css/P8/documents/101077238"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3361 vom 2021-08-31",
"url": "https://access.redhat.com/errata/RHSA-2021:3361"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3321 vom 2021-08-31",
"url": "https://access.redhat.com/errata/RHSA-2021:3321"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3328 vom 2021-08-31",
"url": "https://access.redhat.com/errata/RHSA-2021:3328"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3380 vom 2021-08-31",
"url": "https://access.redhat.com/errata/RHSA-2021:3380"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3327 vom 2021-08-31",
"url": "https://access.redhat.com/errata/RHSA-2021:3327"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3381 vom 2021-08-31",
"url": "https://access.redhat.com/errata/RHSA-2021:3381"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3375 vom 2021-08-31",
"url": "https://access.redhat.com/errata/RHSA-2021:3375"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3363 vom 2021-08-31",
"url": "https://access.redhat.com/errata/RHSA-2021:3363"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3399 vom 2021-08-31",
"url": "https://access.redhat.com/errata/RHSA-2021:3399"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-3327 vom 2021-09-01",
"url": "http://linux.oracle.com/errata/ELSA-2021-3327.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2021:3327 vom 2021-09-01",
"url": "https://lists.centos.org/pipermail/centos-announce/2021-August/048356.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3262 vom 2021-09-01",
"url": "https://access.redhat.com/errata/RHSA-2021:3262"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2021-110 vom 2021-09-02",
"url": "https://downloads.avaya.com/css/P8/documents/101077404"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2021-110 vom 2021-09-02",
"url": "https://downloads.avaya.com/css/P8/documents/101077405"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3454 vom 2021-09-08",
"url": "https://access.redhat.com/errata/RHSA-2021:3454"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3477 vom 2021-09-09",
"url": "https://access.redhat.com/errata/RHSA-2021:3477"
},
{
"category": "external",
"summary": "Ubuntu Security Notice LSN-0081-1 vom 2021-09-13",
"url": "https://ubuntu.com/security/notices/LSN-0081-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3523 vom 2021-09-14",
"url": "https://access.redhat.com/errata/RHSA-2021:3523"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3522 vom 2021-09-14",
"url": "https://access.redhat.com/errata/RHSA-2021:3522"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3598 vom 2021-09-21",
"url": "https://access.redhat.com/errata/RHSA-2021:3598"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3653 vom 2021-09-23",
"url": "https://access.redhat.com/errata/RHSA-2021:3653"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3725 vom 2021-10-05",
"url": "https://access.redhat.com/errata/RHSA-2021:3725"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3814 vom 2021-10-12",
"url": "https://access.redhat.com/errata/RHSA-2021:3814"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3812 vom 2021-10-12",
"url": "https://access.redhat.com/errata/RHSA-2021:3812"
},
{
"category": "external",
"summary": "Ubuntu Security Notice LSN-0083-1 vom 2022-01-06",
"url": "https://ubuntu.com/security/notices/LSN-0083-1"
},
{
"category": "external",
"summary": "F5 Security Advisory K06524534 vom 2022-07-07",
"url": "https://support.f5.com/csp/article/K06524534"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:17733 vom 2025-10-11",
"url": "https://access.redhat.com/errata/RHSA-2025:17733"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Schwachstelle erm\u00f6glicht Erlangen von Systemrechten",
"tracking": {
"current_release_date": "2025-10-12T22:00:00.000+00:00",
"generator": {
"date": "2025-10-13T08:54:57.208+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2022-0609",
"initial_release_date": "2021-07-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2021-07-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2021-07-15T22:00:00.000+00:00",
"number": "2",
"summary": "PoC hinzugef\u00fcgt"
},
{
"date": "2021-07-20T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-07-21T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-07-22T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-07-27T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-07-28T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-07-29T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-08-01T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-08-02T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-08-03T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Oracle Linux und SUSE aufgenommen"
},
{
"date": "2021-08-05T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE und NetApp aufgenommen"
},
{
"date": "2021-08-09T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2021-08-10T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2021-08-11T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-08-12T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2021-08-16T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
},
{
"date": "2021-08-19T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-08-26T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2021-08-30T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-08-31T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2021-09-01T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von CentOS und Red Hat aufgenommen"
},
{
"date": "2021-09-05T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2021-09-07T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-09-08T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-09-13T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2021-09-20T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-09-23T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-10-04T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-10-12T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-01-06T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2022-07-07T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Informationen von F5 aufgenommen"
},
{
"date": "2025-10-12T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "33"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Avaya Aura Application Enablement Services",
"product": {
"name": "Avaya Aura Application Enablement Services",
"product_id": "T015516",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Communication Manager",
"product": {
"name": "Avaya Aura Communication Manager",
"product_id": "T015126",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:communication_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Experience Portal",
"product": {
"name": "Avaya Aura Experience Portal",
"product_id": "T015519",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_experience_portal:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Session Manager",
"product": {
"name": "Avaya Aura Session Manager",
"product_id": "T015127",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:session_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura System Manager",
"product": {
"name": "Avaya Aura System Manager",
"product_id": "T015518",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_system_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Web License Manager",
"product": {
"name": "Avaya Web License Manager",
"product_id": "T016243",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:web_license_manager:-"
}
}
}
],
"category": "vendor",
"name": "Avaya"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp FAS",
"product": {
"name": "NetApp FAS",
"product_id": "T011540",
"product_identification_helper": {
"cpe": "cpe:/h:netapp:fas:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.12",
"product": {
"name": "Open Source Linux Kernel \u003c5.12",
"product_id": "T019256"
}
},
{
"category": "product_version",
"name": "5.12",
"product": {
"name": "Open Source Linux Kernel 5.12",
"product_id": "T019256-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.12"
}
}
},
{
"category": "product_version_range",
"name": "\u003e=v2.6.19-rc1",
"product": {
"name": "Open Source Linux Kernel \u003e=v2.6.19-rc1",
"product_id": "T019729"
}
},
{
"category": "product_version_range",
"name": "\u003e=v2.6.19-rc1",
"product": {
"name": "Open Source Linux Kernel \u003e=v2.6.19-rc1",
"product_id": "T019729-fixed"
}
}
],
"category": "product_name",
"name": "Linux Kernel"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-22555",
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"T011540",
"T015127",
"T015126",
"T004914",
"T019256",
"T016243",
"T002207",
"T000126",
"T001663",
"1727"
]
},
"release_date": "2021-07-07T22:00:00.000+00:00",
"title": "CVE-2021-22555"
}
]
}
WID-SEC-W-2023-0063
Vulnerability from csaf_certbund - Published: 2022-01-12 23:00 - Updated: 2025-10-08 22:00Summary
Juniper Junos Space: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen für das Netzwerkmanagement beinhaltet.
Angriff: Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen, beliebigen Code auszuführen und seine Privilegien zu erweitern.
Betroffene Betriebssysteme: - Juniper Appliance
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen f\u00fcr das Netzwerkmanagement beinhaltet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Juniper Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0063 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0063.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0063 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0063"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2022-01-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11287\u0026cat=SIRT_1"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA70182 vom 2023-01-12",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Service-Orchestration-Multiple-vulnerabilities-resolved-in-CSO-6-3-0?language=en_US"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA103138 vom 2024-10-08",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R4-by-upgrading-Log4j-Java-library-to-2-23-1-and-ElasticSearch-to-6-8-17"
}
],
"source_lang": "en-US",
"title": "Juniper Junos Space: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-08T22:00:00.000+00:00",
"generator": {
"date": "2025-10-09T07:39:55.488+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2023-0063",
"initial_release_date": "2022-01-12T23:00:00.000+00:00",
"revision_history": [
{
"date": "2022-01-12T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-01-11T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2025-10-08T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Juniper aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Juniper Contrail Service Orchestration",
"product": {
"name": "Juniper Contrail Service Orchestration",
"product_id": "T025794",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:contrail_service_orchestration:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c21.3R1",
"product": {
"name": "Juniper Junos Space \u003c21.3R1",
"product_id": "T021576"
}
},
{
"category": "product_version",
"name": "21.3R1",
"product": {
"name": "Juniper Junos Space 21.3R1",
"product_id": "T021576-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:21.3r1"
}
}
},
{
"category": "product_version_range",
"name": "Security Director \u003c24.1R4",
"product": {
"name": "Juniper Junos Space Security Director \u003c24.1R4",
"product_id": "T047484"
}
},
{
"category": "product_version",
"name": "Security Director 24.1R4",
"product": {
"name": "Juniper Junos Space Security Director 24.1R4",
"product_id": "T047484-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:24.1r4::security_director"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
}
],
"category": "vendor",
"name": "Juniper"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-17543",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2019-17543"
},
{
"cve": "CVE-2019-20934",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2019-20934"
},
{
"cve": "CVE-2020-0543",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-0543"
},
{
"cve": "CVE-2020-0548",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-0548"
},
{
"cve": "CVE-2020-0549",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-0549"
},
{
"cve": "CVE-2020-11022",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-11022"
},
{
"cve": "CVE-2020-11023",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-11023"
},
{
"cve": "CVE-2020-11668",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-11668"
},
{
"cve": "CVE-2020-11984",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-11984"
},
{
"cve": "CVE-2020-11993",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-11993"
},
{
"cve": "CVE-2020-12362",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-12362"
},
{
"cve": "CVE-2020-12363",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-12363"
},
{
"cve": "CVE-2020-12364",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-12364"
},
{
"cve": "CVE-2020-1927",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-1927"
},
{
"cve": "CVE-2020-1934",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-1934"
},
{
"cve": "CVE-2020-24489",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-24489"
},
{
"cve": "CVE-2020-24511",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-24511"
},
{
"cve": "CVE-2020-24512",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-24512"
},
{
"cve": "CVE-2020-27170",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-27170"
},
{
"cve": "CVE-2020-27777",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-27777"
},
{
"cve": "CVE-2020-29443",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-29443"
},
{
"cve": "CVE-2020-8625",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-8625"
},
{
"cve": "CVE-2020-8648",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-8648"
},
{
"cve": "CVE-2020-8695",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2020-8696",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-8696"
},
{
"cve": "CVE-2020-8698",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-8698"
},
{
"cve": "CVE-2020-9490",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-9490"
},
{
"cve": "CVE-2021-20254",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-20254"
},
{
"cve": "CVE-2021-22555",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-22901",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-22901"
},
{
"cve": "CVE-2021-2341",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2341"
},
{
"cve": "CVE-2021-2342",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2342"
},
{
"cve": "CVE-2021-2356",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2356"
},
{
"cve": "CVE-2021-2369",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2369"
},
{
"cve": "CVE-2021-2372",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2372"
},
{
"cve": "CVE-2021-2385",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2385"
},
{
"cve": "CVE-2021-2388",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2388"
},
{
"cve": "CVE-2021-2389",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2389"
},
{
"cve": "CVE-2021-2390",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2390"
},
{
"cve": "CVE-2021-25214",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-25214"
},
{
"cve": "CVE-2021-25217",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-25217"
},
{
"cve": "CVE-2021-27219",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-27219"
},
{
"cve": "CVE-2021-29154",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-29154"
},
{
"cve": "CVE-2021-29650",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-29650"
},
{
"cve": "CVE-2021-31535",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-31535"
},
{
"cve": "CVE-2021-32399",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-32399"
},
{
"cve": "CVE-2021-33033",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-33033"
},
{
"cve": "CVE-2021-33034",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-33034"
},
{
"cve": "CVE-2021-3347",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-3347"
},
{
"cve": "CVE-2021-33909",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-3653",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-3653"
},
{
"cve": "CVE-2021-3656",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-3656"
},
{
"cve": "CVE-2021-3715",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-3715"
},
{
"cve": "CVE-2021-37576",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-37576"
},
{
"cve": "CVE-2021-4104",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-4104"
},
{
"cve": "CVE-2021-42550",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-42550"
},
{
"cve": "CVE-2021-44228",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-44228"
},
{
"cve": "CVE-2021-45046",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-45046"
}
]
}
WID-SEC-W-2025-0227
Vulnerability from csaf_certbund - Published: 2021-11-30 23:00 - Updated: 2025-01-30 23:00Summary
IBM QRadar SIEM: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff: Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existiert eine Schwachstelle. Es werden unsichere Kryptoalgorithmen genutzt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existiert eine Schwachstelle. Die Schwachstellen ist auf eine fehlende Authentisierung beim Schlüsselaustausch zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existiert eine Schwachstelle. Die Schwachstelle ist auf einen unzureichenden Patch zurückzuführen und ermöglicht einen Server-Site-Request-Forgery (SSRF)-Angriff. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
In IBM QRadar SIEM existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM 7.3
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.3
|
7.3 | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 |
References
14 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0227 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2025-0227.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0227 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0227"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6520488 vom 2021-11-30",
"url": "https://www.ibm.com/support/pages/node/6520488"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6520484 vom 2021-11-30",
"url": "https://www.ibm.com/support/pages/node/6520484"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6520490 vom 2021-11-30",
"url": "https://www.ibm.com/support/pages/node/6520490"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6520476 vom 2021-11-30",
"url": "https://www.ibm.com/support/pages/node/6520476"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6520492 vom 2021-11-30",
"url": "https://www.ibm.com/support/pages/node/6520492"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6520478 vom 2021-11-30",
"url": "https://www.ibm.com/support/pages/node/6520478"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6520486 vom 2021-11-30",
"url": "https://www.ibm.com/support/pages/node/6520486"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6520474 vom 2021-11-30",
"url": "https://www.ibm.com/support/pages/node/6520474"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6520472 vom 2021-11-30",
"url": "https://www.ibm.com/support/pages/node/6520472"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6520482 vom 2021-11-30",
"url": "https://www.ibm.com/support/pages/node/6520482"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6520480 vom 2021-11-30",
"url": "https://www.ibm.com/support/pages/node/6520480"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7182001 vom 2025-01-30",
"url": "https://www.ibm.com/support/pages/node/7182001"
}
],
"source_lang": "en-US",
"title": "IBM QRadar SIEM: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-01-30T23:00:00.000+00:00",
"generator": {
"date": "2025-01-31T09:11:30.679+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2025-0227",
"initial_release_date": "2021-11-30T23:00:00.000+00:00",
"revision_history": [
{
"date": "2021-11-30T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-01-30T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.3",
"product": {
"name": "IBM QRadar SIEM 7.3",
"product_id": "T014687",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.3"
}
}
},
{
"category": "product_version",
"name": "7.4",
"product": {
"name": "IBM QRadar SIEM 7.4",
"product_id": "T016287",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.4"
}
}
},
{
"category": "product_version",
"name": "7.5.0",
"product": {
"name": "IBM QRadar SIEM 7.5.0",
"product_id": "T023574",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10228",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2016-10228"
},
{
"cve": "CVE-2017-14502",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2017-14502"
},
{
"cve": "CVE-2017-15713",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2017-15713"
},
{
"cve": "CVE-2018-1000858",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2018-1000858"
},
{
"cve": "CVE-2018-11768",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2018-11768"
},
{
"cve": "CVE-2018-18751",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2018-18751"
},
{
"cve": "CVE-2018-20843",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2018-20843"
},
{
"cve": "CVE-2018-8029",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2018-8029"
},
{
"cve": "CVE-2019-13012",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-13012"
},
{
"cve": "CVE-2019-13050",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-13050"
},
{
"cve": "CVE-2019-13627",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-13627"
},
{
"cve": "CVE-2019-14866",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-14866"
},
{
"cve": "CVE-2019-14889",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-14889"
},
{
"cve": "CVE-2019-15903",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-15903"
},
{
"cve": "CVE-2019-16935",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-16935"
},
{
"cve": "CVE-2019-18276",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-18276"
},
{
"cve": "CVE-2019-19221",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-19221"
},
{
"cve": "CVE-2019-19906",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-19906"
},
{
"cve": "CVE-2019-19956",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-19956"
},
{
"cve": "CVE-2019-20387",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-20387"
},
{
"cve": "CVE-2019-20388",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-20388"
},
{
"cve": "CVE-2019-20454",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-20454"
},
{
"cve": "CVE-2019-20907",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-20907"
},
{
"cve": "CVE-2019-20916",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-20916"
},
{
"cve": "CVE-2019-25013",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-25013"
},
{
"cve": "CVE-2019-2708",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-2708"
},
{
"cve": "CVE-2019-3842",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-3842"
},
{
"cve": "CVE-2019-9169",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-9169"
},
{
"cve": "CVE-2019-9924",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2019-9924"
},
{
"cve": "CVE-2020-11080",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-11080"
},
{
"cve": "CVE-2020-12362",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-12362"
},
{
"cve": "CVE-2020-12363",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-12363"
},
{
"cve": "CVE-2020-12364",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-12364"
},
{
"cve": "CVE-2020-13434",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-13434"
},
{
"cve": "CVE-2020-13543",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-13543"
},
{
"cve": "CVE-2020-13584",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-13584"
},
{
"cve": "CVE-2020-13776",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-13776"
},
{
"cve": "CVE-2020-13777",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-13777"
},
{
"cve": "CVE-2020-13954",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-13954"
},
{
"cve": "CVE-2020-14352",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-14352"
},
{
"cve": "CVE-2020-14422",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-14422"
},
{
"cve": "CVE-2020-15358",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-15358"
},
{
"cve": "CVE-2020-1730",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-1730"
},
{
"cve": "CVE-2020-24489",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-24489"
},
{
"cve": "CVE-2020-24511",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-24511"
},
{
"cve": "CVE-2020-24512",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-24512"
},
{
"cve": "CVE-2020-24513",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-24513"
},
{
"cve": "CVE-2020-24659",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-24659"
},
{
"cve": "CVE-2020-24977",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-24977"
},
{
"cve": "CVE-2020-26116",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-26116"
},
{
"cve": "CVE-2020-27170",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-27170"
},
{
"cve": "CVE-2020-27618",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-27618"
},
{
"cve": "CVE-2020-27619",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-27619"
},
{
"cve": "CVE-2020-27777",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-27777"
},
{
"cve": "CVE-2020-28196",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-28196"
},
{
"cve": "CVE-2020-29361",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-29361"
},
{
"cve": "CVE-2020-29362",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-29362"
},
{
"cve": "CVE-2020-29363",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-29363"
},
{
"cve": "CVE-2020-7226",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-7226"
},
{
"cve": "CVE-2020-7595",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-7595"
},
{
"cve": "CVE-2020-8177",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-8177"
},
{
"cve": "CVE-2020-8231",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-8231"
},
{
"cve": "CVE-2020-8284",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-8284"
},
{
"cve": "CVE-2020-8285",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-8285"
},
{
"cve": "CVE-2020-8286",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-8286"
},
{
"cve": "CVE-2020-8492",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-8492"
},
{
"cve": "CVE-2020-8648",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-8648"
},
{
"cve": "CVE-2020-8927",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-8927"
},
{
"cve": "CVE-2020-9492",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-9492"
},
{
"cve": "CVE-2020-9948",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-9948"
},
{
"cve": "CVE-2020-9951",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-9951"
},
{
"cve": "CVE-2020-9983",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2020-9983"
},
{
"cve": "CVE-2021-20271",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-20271"
},
{
"cve": "CVE-2021-20305",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-20305"
},
{
"cve": "CVE-2021-2161",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-2161"
},
{
"cve": "CVE-2021-22555",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-22696",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-22696"
},
{
"cve": "CVE-2021-23239",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-23239"
},
{
"cve": "CVE-2021-23240",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-23240"
},
{
"cve": "CVE-2021-23336",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-23336"
},
{
"cve": "CVE-2021-28163",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-28163"
},
{
"cve": "CVE-2021-28165",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-28165"
},
{
"cve": "CVE-2021-28169",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-28169"
},
{
"cve": "CVE-2021-29154",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-29154"
},
{
"cve": "CVE-2021-29425",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-29425"
},
{
"cve": "CVE-2021-29650",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-29650"
},
{
"cve": "CVE-2021-30468",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-30468"
},
{
"cve": "CVE-2021-31811",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-31811"
},
{
"cve": "CVE-2021-31812",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-31812"
},
{
"cve": "CVE-2021-32027",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-32027"
},
{
"cve": "CVE-2021-32028",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-32028"
},
{
"cve": "CVE-2021-32399",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-32399"
},
{
"cve": "CVE-2021-3326",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-3326"
},
{
"cve": "CVE-2021-3347",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-3347"
},
{
"cve": "CVE-2021-33503",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-33503"
},
{
"cve": "CVE-2021-3449",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-3449"
},
{
"cve": "CVE-2021-3450",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-3450"
},
{
"cve": "CVE-2021-3516",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-3516"
},
{
"cve": "CVE-2021-3520",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-3520"
},
{
"cve": "CVE-2021-3541",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-3541"
},
{
"cve": "CVE-2021-3715",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in verschiedenen Komponenten. Ein entfernter, anonymer oder authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Administratorrechte zu erlangen, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-3715"
},
{
"cve": "CVE-2021-20400",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existiert eine Schwachstelle. Es werden unsichere Kryptoalgorithmen genutzt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-20400"
},
{
"cve": "CVE-2021-29779",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existiert eine Schwachstelle. Die Schwachstellen ist auf eine fehlende Authentisierung beim Schl\u00fcsselaustausch zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-29779"
},
{
"cve": "CVE-2021-29863",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existiert eine Schwachstelle. Die Schwachstelle ist auf einen unzureichenden Patch zur\u00fcckzuf\u00fchren und erm\u00f6glicht einen Server-Site-Request-Forgery (SSRF)-Angriff. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-29863"
},
{
"cve": "CVE-2021-29849",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T014687",
"T023574",
"T016287"
]
},
"release_date": "2021-11-30T23:00:00.000+00:00",
"title": "CVE-2021-29849"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…