Main Vulnerability Database SB2021080335

SB2021080335 - SUSE update for the Linux Kernel

Published: August 3, 2021 Updated: February 8, 2024

Security Bulletin ID SB2021080335

CSH Severity

Medium

Patch available

YES

Number of vulnerabilities 4

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 4 vulnerabilities.

1) Out-of-bounds write (CVE-ID: CVE-2021-22555)

CWE-ID: CWE-787 - Out-of-bounds write

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Clear

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing untrusted input in net/netfilter/x_tables.c in Linux kernel. A local user can run a specially crafted program to trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

2) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2021-35039)

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper signature handling in the kernel/module.c in Linux kernel. If the kernel module is not signed, it still can be loaded into the system via init_module if module.sig_enforce=1 command-line argument is used. As a result, a local user can load unsigned and potentially malicious kernel modules.

3) Race condition (CVE-ID: CVE-2021-3609)

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Green

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in the CAN BCM networking protocol (net/can/bcm.c) in the Linux kernel ranging from version 2.6.25 to mainline 5.13-rc6. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

4) Out-of-bounds write (CVE-ID: CVE-2021-3612)

CWE-ID: CWE-787 - Out-of-bounds write

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in joystick devices subsystem in Linux kernel. A local user can make a specially crafted JSIOCSBTNMAP IOCTL call, trigger out-of-bounds write and execute arbitrary code with escalated privileges.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2021/suse-su-20212599-1/

Vulnerable Software

SUSE Linux Enterprise Module for Realtime: 15-SP2
kernel-syms-rt: before 5.3.18-45.2
kernel-rt-debugsource: before 5.3.18-45.3
ocfs2-kmp-rt-debuginfo: before 5.3.18-45.3
ocfs2-kmp-rt: before 5.3.18-45.3
kernel-rt_debug-devel-debuginfo: before 5.3.18-45.3
kernel-rt_debug-devel: before 5.3.18-45.3
kernel-rt_debug-debugsource: before 5.3.18-45.3
kernel-rt_debug-debuginfo: before 5.3.18-45.3
kernel-rt_debug: before 5.3.18-45.3
kernel-rt-devel-debuginfo: before 5.3.18-45.3
kernel-rt-devel: before 5.3.18-45.3
kernel-devel-rt: before 5.3.18-45.3
kernel-rt-debuginfo: before 5.3.18-45.3
kernel-rt: before 5.3.18-45.3
gfs2-kmp-rt-debuginfo: before 5.3.18-45.3
gfs2-kmp-rt: before 5.3.18-45.3
dlm-kmp-rt-debuginfo: before 5.3.18-45.3
dlm-kmp-rt: before 5.3.18-45.3
cluster-md-kmp-rt-debuginfo: before 5.3.18-45.3
cluster-md-kmp-rt: before 5.3.18-45.3
kernel-source-rt: before 5.3.18-45.3

SB2021080335 - SUSE update for the Linux Kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human