SUSE update for the Linux Kernel



| Updated: 2025-06-28
Risk Medium
Patch available YES
Number of vulnerabilities 38
CVE-ID CVE-2018-13405
CVE-2018-9517
CVE-2019-3874
CVE-2019-3900
CVE-2020-0429
CVE-2020-12770
CVE-2020-3702
CVE-2021-0941
CVE-2021-20322
CVE-2021-22543
CVE-2021-31916
CVE-2021-34556
CVE-2021-34981
CVE-2021-35477
CVE-2021-3640
CVE-2021-3653
CVE-2021-3655
CVE-2021-3656
CVE-2021-3659
CVE-2021-3679
CVE-2021-3715
CVE-2021-37159
CVE-2021-3732
CVE-2021-3744
CVE-2021-3752
CVE-2021-3753
CVE-2021-37576
CVE-2021-3759
CVE-2021-3760
CVE-2021-3764
CVE-2021-3772
CVE-2021-38198
CVE-2021-38204
CVE-2021-40490
CVE-2021-41864
CVE-2021-42008
CVE-2021-42252
CVE-2021-42739
CWE-ID CWE-264
CWE-416
CWE-20
CWE-835
CWE-310
CWE-125
CWE-330
CWE-119
CWE-787
CWE-200
CWE-415
CWE-203
CWE-909
CWE-476
CWE-400
CWE-401
CWE-345
CWE-732
CWE-362
Exploitation vector Network
Public exploit Public exploit code for vulnerability #10 is available.
Public exploit code for vulnerability #36 is available.
Vulnerable software
 SUSE Linux Enterprise High Availability
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE OpenStack Cloud Crowbar
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP
Operating systems & Components / Operating system

SUSE Linux Enterprise Server
Operating systems & Components / Operating system

SUSE OpenStack Cloud
Operating systems & Components / Operating system

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

kgraft-patch-4_12_14-95_83-default
Operating systems & Components / Operating system package or component

kernel-default-kgraft-devel
Operating systems & Components / Operating system package or component

kernel-default-kgraft
Operating systems & Components / Operating system package or component

kernel-default-man
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-base-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 38 vulnerabilities.

1) Security restrictions bypass

EUVDB-ID: #VU13631

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-13405

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local attacker to create arbitrary files on the target system.

The vulnerability exists due to the inode_init_owner function, as defined in the fs/inode.c source code file, allows the creation of arbitrary files in set-group identification (SGID) directories. A local attacker can create arbitrary files with unintended group ownership.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU19987

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-9517

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in pppol2tp_connect. A local user can trigger memory corruption and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU70466

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-3874

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Infinite loop

EUVDB-ID: #VU19998

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-3900

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in vhost_net kernel module when processing incoming packets in handle_rx(). A remote attacker with access to guest operating system can stall the vhost_net kernel thread and cause denial of service conditions.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU47047

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-0429

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local privileged user to execute arbitrary code.

In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-152735806

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Input validation error

EUVDB-ID: #VU28170

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-12770

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code on the system.

The vulnerability exists due to the "sg_write" lacks an "sg_remove_request" call in a certain failure case. A local user can pass specially crafted input to the application and execute arbitrary code on the target system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Cryptographic Issues

EUVDB-ID: #VU109316

Risk: Medium

CVSSv4.0: 2.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:L/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-3702

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access top sensitive information.

The vulnerability exists due to improper input validation in WIFI driver(Krook). A remote attacker can temporary disable WPA2 or the WPA/WPA2 mixed-mode encryption and intercept traffic in clear text.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Out-of-bounds read

EUVDB-ID: #VU64702

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-0941

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists in __bpf_skb_max_len() function in net/core/filter.c in the Linux kernel. A local user with special privilege can gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use of insufficiently random values

EUVDB-ID: #VU63839

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-20322

CWE-ID: CWE-330 - Use of Insufficiently Random Values

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to an error when processing received ICMP errors. A remote attacker can effectively bypass the source port UDP randomization to gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Buffer overflow

EUVDB-ID: #VU56018

Risk: Low

CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2021-22543

CWE-ID: CWE-119 - Memory corruption

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in Linux kernel when handling VM_IO|VM_PFNMAP vmas in KVM. A local user can  can bypass RO checks and cause the pages to get freed while still accessible by the VMM and guest. As a result, an attacker with the ability to start and control a VM to read/write random pages of memory, can trigger memory corruption and execute arbitrary code with elevated privileges.


Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

11) Out-of-bounds write

EUVDB-ID: #VU63574

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-31916

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module. A special user (CAP_SYS_ADMIN) can trigger a buffer overflow in the ioctl for listing devices and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Information disclosure

EUVDB-ID: #VU64203

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-34556

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Double Free

EUVDB-ID: #VU77325

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-34981

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the CMTP module in Linux kernel. A local user can trigger a double free error and execute arbitrary code on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Observable discrepancy

EUVDB-ID: #VU92412

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-35477

CWE-ID: CWE-203 - Observable discrepancy

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to observable discrepancy error. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU63769

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3640

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in sco_sock_sendmsg() function of the Linux kernel HCI subsystem. A privileged local user can call ioct UFFDIO_REGISTER or other way trigger race condition to escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Security restrictions bypass

EUVDB-ID: #VU56904

Risk: Low

CVSSv4.0: 5.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3653

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a malicious guest to escalate privileges on the system.

The vulnerability exists due to improperly imposed security restrictions within the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest.

As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Missing initialization of resource

EUVDB-ID: #VU61098

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-3655

CWE-ID: CWE-909 - Missing initialization of resource

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to missing initialization of resource in the Linux kernel when processing inbound SCTP packets. A remote attacker can send specially crafted SCTP packets to the system and force the kernel to read uninitialized memory.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Security restrictions bypass

EUVDB-ID: #VU56929

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3656

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a malicious guest to escalate privileges on the system.

The vulnerability exists due to improperly imposed security restrictions within the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest.

The vulnerability allows the L2 guest to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) NULL pointer dereference

EUVDB-ID: #VU74547

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3659

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local usre to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the way the user closes the LR-WPAN connection within the IEEE 802.15.4 wireless networking subsystem. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Resource exhaustion

EUVDB-ID: #VU63664

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3679

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to lack of CPU resource in the Linux kernel tracing module functionality when using trace ring buffer in a specific way. A privileged local user (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free

EUVDB-ID: #VU56393

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3715

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem (route4_change() function in net/sched/cls_route.c) in the way it handled changing of classification filters. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Double Free

EUVDB-ID: #VU63575

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-37159

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to hso_free_net_device() function in drivers/net/usb/hso.c in the Linux kernel calls unregister_netdev without checking for the NETREG_REGISTERED state. A local user can trigger double free and use-after-free errors and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU74548

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3732

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists in the way the user mounts the TmpFS filesystem with OverlayFS. A local user can gain access to hidden files that should not be accessible.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Memory leak

EUVDB-ID: #VU63813

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3744

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform DoS attack on the target system.

The vulnerability exists due memory leak in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c. A local user can force the application to leak memory and perform denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Use-after-free

EUVDB-ID: #VU63767

Risk: Low

CVSSv4.0: 4.8 [CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3752

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the Linux kernel’s Bluetooth subsystem when a user calls connect to the socket and disconnect simultaneously. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Out-of-bounds read

EUVDB-ID: #VU64210

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3753

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel. A local user can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Out-of-bounds write

EUVDB-ID: #VU57101

Risk: Medium

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-37576

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to a boundary error in arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform. An attacker on KVM guest OS can cause host OS memory corruption via rtas_args.nargs and execute arbitrary code on the host OS.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Resource exhaustion

EUVDB-ID: #VU63914

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3759

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists in the Linux kernel’s ipc functionality of the memcg subsystem when user calls the semget function multiple times, creating semaphores. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Use-after-free

EUVDB-ID: #VU63816

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3760

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the NFC stack. A local user can trigger use-after-free error to escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Memory leak

EUVDB-ID: #VU63817

Risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-3764

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak error in the ccp_run_aes_gcm_cmd() function in Linux kernel. A local user can trigger a memory leak error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Insufficient verification of data authenticity

EUVDB-ID: #VU63835

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-3772

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack (DoS) on the target system.

The vulnerability exists due to insufficient verification of data authenticity in the Linux SCTP stack. A remote attacker can exploit this vulnerability to perform a denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Incorrect permission assignment for critical resource

EUVDB-ID: #VU63665

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-38198

CWE-ID: CWE-732 - Incorrect Permission Assignment for Critical Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page. A local user can trigger an error to perform a denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Use-after-free

EUVDB-ID: #VU63666

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-38204

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local attacker to perform a denial of service attack.

The vulnerability exists due to a use-after-free error in the drivers/usb/host/max3421-hcd.c in the Linux kernel. An attacker with physical access to the system can remove a MAX-3421 USB device to perform a denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Race condition

EUVDB-ID: #VU63667

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-40490

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Out-of-bounds write

EUVDB-ID: #VU63855

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-41864

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing untrusted input. A local user can gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Out-of-bounds write

EUVDB-ID: #VU63669

Risk: Low

CVSSv4.0: 7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2021-42008

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the decode_data() function in drivers/net/hamradio/6pack.c in the Linux kernel. A local user can send input from a process that has the CAP_NET_ADMIN capability and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

37) Out-of-bounds write

EUVDB-ID: #VU93833

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-42252

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an out-of-bounds write within the aspeed_lpc_ctrl_mmap() function in drivers/soc/aspeed/aspeed-lpc-ctrl.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Buffer overflow

EUVDB-ID: #VU59474

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-42739

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary within the firewire subsystem in the Linux kernel in drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c files. A local privileged user can run a specially crafted program tat calls avc_ca_pmt() function to trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE Linux Enterprise Server: 12-SP4-LTSS

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

ocfs2-kmp-default: before 4.12.14-95.83.2

gfs2-kmp-default-debuginfo: before 4.12.14-95.83.2

gfs2-kmp-default: before 4.12.14-95.83.2

dlm-kmp-default-debuginfo: before 4.12.14-95.83.2

dlm-kmp-default: before 4.12.14-95.83.2

cluster-md-kmp-default-debuginfo: before 4.12.14-95.83.2

cluster-md-kmp-default: before 4.12.14-95.83.2

kgraft-patch-4_12_14-95_83-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.83.2

kernel-default-kgraft: before 4.12.14-95.83.2

kernel-default-man: before 4.12.14-95.83.2

kernel-source: before 4.12.14-95.83.2

kernel-macros: before 4.12.14-95.83.2

kernel-devel: before 4.12.14-95.83.2

kernel-syms: before 4.12.14-95.83.2

kernel-default-devel-debuginfo: before 4.12.14-95.83.2

kernel-default-devel: before 4.12.14-95.83.2

kernel-default-debugsource: before 4.12.14-95.83.2

kernel-default-debuginfo: before 4.12.14-95.83.2

kernel-default-base-debuginfo: before 4.12.14-95.83.2

kernel-default-base: before 4.12.14-95.83.2

kernel-default: before 4.12.14-95.83.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213972-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###