SUSE-SU-2021:2407-1
Vulnerability from csaf_suse - Published: 2021-07-20 12:40 - Updated: 2021-07-20 12:40Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch: The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bnc#1188116)
- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges (bsc#1188062).
- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation (bsc#1187215).
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation (bsc#1187050).
The following non-security bugs were fixed:
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (git-fixes).
- arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- can: flexcan: disable completely the ECC mechanism (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- can: xilinx_can: xcan_chip_start(): fix failure with invalid bus (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- crypto: cavium/nitrox - Fix an error rhandling path in 'nitrox_probe()' (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (12sp5).
- cxgb4: fix wrong shift (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188273).
- fuse: reject internal errno (bsc#1188274).
- genirq: Disable interrupts for force threaded handlers (git-fixes)
- genirq: Fix reference leaks on irq affinity notifiers (git-fixes)
- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (git-fixes)
- genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)
- gve: Fix swapped vars when fetching max queues (git-fixes).
- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).
- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).
- HID: hid-sensor-hub: Return error for hid_set_field() failure (git-fixes).
- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: trigger: fix potential deadlock with libata (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- lpfc: Decouple port_template and vport_template (bsc#1185032).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] (git-fixes).
- mlxsw: spectrum: Do not process learned records with a dummy FID (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- net: caif: Fix debugfs on 64-bit platforms (git-fixes).
- net: dsa: qca8k: Use up to 7 ports for all operations (git-fixes).
- net: stmmac: Correctly take timestamp for PTPv2 (git-fixes).
- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
- netsec: restore phy power state after controller reset (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).
- PCI: Mark TI C667X to avoid bus reset (git-fixes).
- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'hwmon: (lm80) fix a missing check of bus read in lm80 probe' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- Revert 'PCI: PM: Do not read power state in pci_enable_device_flags()' (git-fixes).
- Revert 'USB: cdc-acm: fix rounding error in TIOCSSERIAL' (git-fixes).
- sched/cpufreq/schedutil: Fix error path mutex unlock (git-fixes)
- sched/fair: Do not assign runtime for throttled cfs_rq (git-fixes)
- sched/fair: Fix unfairness caused by missing load decay (git-fixes)
- sched/numa: Fix a possible divide-by-zero (git-fixes)
- scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (bsc#1185995).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1188010).
- serial: mvebu-uart: clarify the baud rate derivation (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).
- x86/debug: Extend the lower bound of crash kernel low reservations (bsc#1153720).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
Patchnames: SUSE-2021-2407,SUSE-SLE-SERVER-12-SP5-2021-2407
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bnc#1188116)\n- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges (bsc#1188062).\n- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation (bsc#1187215).\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation (bsc#1187050).\n\nThe following non-security bugs were fixed:\n\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (git-fixes).\n- arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- can: flexcan: disable completely the ECC mechanism (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- can: xilinx_can: xcan_chip_start(): fix failure with invalid bus (git-fixes).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- crypto: cavium/nitrox - Fix an error rhandling path in \u0027nitrox_probe()\u0027 (git-fixes).\n- crypto: ccp - Fix a resource leak in an error handling path (12sp5).\n- cxgb4: fix wrong shift (git-fixes).\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188273).\n- fuse: reject internal errno (bsc#1188274).\n- genirq: Disable interrupts for force threaded handlers (git-fixes)\n- genirq: Fix reference leaks on irq affinity notifiers (git-fixes)\n- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (git-fixes)\n- genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).\n- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).\n- HID: hid-sensor-hub: Return error for hid_set_field() failure (git-fixes).\n- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: trigger: fix potential deadlock with libata (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- lpfc: Decouple port_template and vport_template (bsc#1185032).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] (git-fixes).\n- mlxsw: spectrum: Do not process learned records with a dummy FID (git-fixes).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- net: caif: Fix debugfs on 64-bit platforms (git-fixes).\n- net: dsa: qca8k: Use up to 7 ports for all operations (git-fixes).\n- net: stmmac: Correctly take timestamp for PTPv2 (git-fixes).\n- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).\n- netsec: restore phy power state after controller reset (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).\n- PCI: Mark TI C667X to avoid bus reset (git-fixes).\n- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027hwmon: (lm80) fix a missing check of bus read in lm80 probe\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- Revert \u0027PCI: PM: Do not read power state in pci_enable_device_flags()\u0027 (git-fixes).\n- Revert \u0027USB: cdc-acm: fix rounding error in TIOCSSERIAL\u0027 (git-fixes).\n- sched/cpufreq/schedutil: Fix error path mutex unlock (git-fixes)\n- sched/fair: Do not assign runtime for throttled cfs_rq (git-fixes)\n- sched/fair: Fix unfairness caused by missing load decay (git-fixes)\n- sched/numa: Fix a possible divide-by-zero (git-fixes)\n- scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (bsc#1185995).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1188010).\n- serial: mvebu-uart: clarify the baud rate derivation (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).\n- x86/debug: Extend the lower bound of crash kernel low reservations (bsc#1153720).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2407,SUSE-SLE-SERVER-12-SP5-2021-2407",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2407-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2407-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212407-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2407-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009167.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1153720",
"url": "https://bugzilla.suse.com/1153720"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1185032",
"url": "https://bugzilla.suse.com/1185032"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1185995",
"url": "https://bugzilla.suse.com/1185995"
},
{
"category": "self",
"summary": "SUSE Bug 1187050",
"url": "https://bugzilla.suse.com/1187050"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1187934",
"url": "https://bugzilla.suse.com/1187934"
},
{
"category": "self",
"summary": "SUSE Bug 1188010",
"url": "https://bugzilla.suse.com/1188010"
},
{
"category": "self",
"summary": "SUSE Bug 1188062",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "self",
"summary": "SUSE Bug 1188116",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "self",
"summary": "SUSE Bug 1188273",
"url": "https://bugzilla.suse.com/1188273"
},
{
"category": "self",
"summary": "SUSE Bug 1188274",
"url": "https://bugzilla.suse.com/1188274"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36385 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33909 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-07-20T12:40:21Z",
"generator": {
"date": "2021-07-20T12:40:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2407-1",
"initial_release_date": "2021-07-20T12:40:21Z",
"revision_history": [
{
"date": "2021-07-20T12:40:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.12.14-16.65.1.noarch",
"product": {
"name": "kernel-devel-azure-4.12.14-16.65.1.noarch",
"product_id": "kernel-devel-azure-4.12.14-16.65.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.12.14-16.65.1.noarch",
"product": {
"name": "kernel-source-azure-4.12.14-16.65.1.noarch",
"product_id": "kernel-source-azure-4.12.14-16.65.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "dlm-kmp-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "gfs2-kmp-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-base-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-base-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-devel-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-extra-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-kgraft-devel-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-kgraft-devel-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-kgraft-devel-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.12.14-16.65.1.x86_64",
"product_id": "kernel-syms-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "kselftests-kmp-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.12.14-16.65.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.65.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.65.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36385"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36385",
"url": "https://www.suse.com/security/cve/CVE-2020-36385"
},
{
"category": "external",
"summary": "SUSE Bug 1187050 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187050"
},
{
"category": "external",
"summary": "SUSE Bug 1187052 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187052"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1196174 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196174"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196810"
},
{
"category": "external",
"summary": "SUSE Bug 1196914 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196914"
},
{
"category": "external",
"summary": "SUSE Bug 1200084 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1200084"
},
{
"category": "external",
"summary": "SUSE Bug 1201734 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1201734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "important"
}
],
"title": "CVE-2020-36385"
},
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-33909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33909"
}
],
"notes": [
{
"category": "general",
"text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33909",
"url": "https://www.suse.com/security/cve/CVE-2021-33909"
},
{
"category": "external",
"summary": "SUSE Bug 1188062 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "external",
"summary": "SUSE Bug 1188063 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188063"
},
{
"category": "external",
"summary": "SUSE Bug 1188257 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188257"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1190859 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1190859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "important"
}
],
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "important"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "moderate"
}
],
"title": "CVE-2021-3612"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…