Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important)
Description:
This update for the Linux Kernel 5.3.18-57 fixes several issues.
The following issues were fixed:
- CVE-2021-3489: Fixed an issue where the eBPF RINGBUF bpf_ringbuf_reserve did not check that the allocated size was smaller than the ringbuf size (bsc#1185640). - CVE-2021-3490: Fixed an issue where the eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) did not update the 32-bit bounds (bsc#1185641). - CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values (bsc#1186111). - CVE-2021-32399: Fixed a race condition when removing the HCI controller (bsc#1184611). - CVE-2020-36322: Fixed an issue was discovered in FUSE filesystem implementation which could have caused a system crash (bsc#1184211). - CVE-2021-29154: Fixed incorrect computation of branch displacements, allowing arbitrary code execution (bsc#1184391). - CVE-2021-28660: Fixed an out of bounds write in rtw_wx_set_scan (bsc#1183593). - Fixed a data loss/data corruption that occurs if there is a write error on an md/raid array (bsc#1185847).
SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Module for Live Patching 15 SP3 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3