SUSE-SU-2021:14764-1 -- SLES kernelID: oval:org.secpod.oval:def:89045097 | Date: (C)2021-07-26 (M)2024-04-25 |
Class: PATCH | Family: unix |
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-0512: Fixed a possible out of bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. - CVE-2021-34693: Fixed a bug in net/can/bcm.c which could allow local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. - CVE-2020-36386: Fixed an out-of-bounds read in hci_extended_inquiry_result_evt. - CVE-2020-24588: Fixed a bug that could allow an adversary to abuse devices that support receiving non-SSP A-MSDU frames to inject arbitrary network packets. - CVE-2021-29154: Fixed an incorrect computation of branch displacements in the BPF JIT compilers, which could allow to execute arbitrary code within the kernel context. - CVE-2021-32399: Fixed a race condition in net/bluetooth/hci_request.c for removal of the HCI controller. - CVE-2020-24586: Fixed a bug that, under the right circumstances, allows to inject arbitrary network packets and/or exfiltrate user data when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP. - CVE-2020-26139: Fixed a bug that allows an Access Point to forward EAPOL frames to other clients even though the sender has not yet successfully authenticated. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and made it easier to exploit other vulnerabilities in connected clients. - CVE-2020-24587: Fixed a bug that allows an adversary to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed. The following non-security bugs were fixed: - md: do not flush workqueue unconditionally in md_open . - md: factor out a mddev_find_locked helper from mddev_find . - md: md_open returns -EBUSY when entering racing area . - md: split mddev_find . Special Instructions and Notes: Please reboot the system after installing this update.
Platform: |
SUSE Linux Enterprise Server 11 SP4 |