Oval Definition:oval:org.opensuse.security:def:202131440
Revision Date:2022-09-02Version:1
Title:CVE-2021-31440
Description:

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs prior to executing them. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-13661.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2021-31440
SUSE CVE-2021-31440
SUSE-SU-2021:3360-1
Platform(s):SUSE CaaS Platform 4.0
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Development Tools 15 SP2
SUSE Linux Enterprise Module for Live Patching 15 SP3
SUSE Linux Enterprise Module for Public Cloud 15
SUSE Linux Enterprise Module for Public Cloud 15 SP1
SUSE Linux Enterprise Module for Public Cloud 15 SP2
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Storage 6
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.0
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.0
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.0
SUSE Manager Server 4.1
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed
  • AND kernel-source-azure is not affected
  • OR Package Information
  • SUSE CaaS Platform 4.0 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND
  • kernel-default is not affected
  • OR kernel-default-base is not affected
  • OR kernel-default-devel is not affected
  • OR reiserfs-kmp-default is not affected
  • OR kernel-devel is not affected
  • OR kernel-macros is not affected
  • OR kernel-source is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed
  • AND
  • kernel-default is not affected
  • OR kernel-source is not affected
  • OR Package Information
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND
  • kernel-default is not affected
  • OR kernel-default-devel is not affected
  • OR kernel-devel is not affected
  • OR kernel-macros is not affected
  • OR Package Information
  • SUSE Linux Enterprise Module for Public Cloud 15 SP2 is installed
  • AND
  • kernel-devel-azure is not affected
  • OR kernel-source-azure is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for Public Cloud 15 is installed
  • OR SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed
  • AND kernel-source-azure is not affected
  • OR Package Information
  • SUSE Linux Enterprise Module for Live Patching 15 SP3 is installed
  • AND kernel-livepatch-5_3_18-57-default-7-3.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed
  • AND
  • kernel-default is not affected
  • OR kernel-source is not affected
  • OR Package Information
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND
  • kernel-default is not affected
  • OR kernel-default-devel is not affected
  • OR kernel-devel is not affected
  • OR kernel-macros is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND
  • kernel-default is not affected
  • OR kernel-default-base is not affected
  • OR kernel-default-devel is not affected
  • OR reiserfs-kmp-default is not affected
  • OR kernel-devel is not affected
  • OR kernel-macros is not affected
  • OR kernel-source is not affected
  • OR Package Information
  • SUSE Linux Enterprise Module for Public Cloud 15 SP2 is installed
  • AND
  • kernel-devel-azure is not affected
  • OR kernel-source-azure is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Micro 5.1 is installed
  • OR SUSE Linux Enterprise Micro 5.2 is installed
  • OR SUSE Linux Enterprise Module for Live Patching 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • AND kernel-livepatch-5_3_18-57-default-7-3.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP2 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • OR SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed
  • OR SUSE Linux Enterprise Server 15 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • OR SUSE Linux Enterprise Storage 7 is installed
  • OR SUSE Manager Proxy 4.1 is installed
  • OR SUSE Manager Retail Branch Server 4.1 is installed
  • OR SUSE Manager Server 4.1 is installed
  • AND Package Information
  • kernel-default is not affected
  • OR kernel-source is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 15 SP1 is installed
  • OR SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed
  • OR SUSE Linux Enterprise Server 15 SP1 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • OR SUSE Linux Enterprise Storage 6 is installed
  • OR SUSE Manager Proxy 4.0 is installed
  • OR SUSE Manager Retail Branch Server 4.0 is installed
  • OR SUSE Manager Server 4.0 is installed
  • AND kernel-source-azure is not affected
  • OR Package Information
  • SUSE CaaS Platform 4.0 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND
  • kernel-default is not affected
  • OR kernel-default-base is not affected
  • OR kernel-default-devel is not affected
  • OR reiserfs-kmp-default is not affected
  • OR kernel-devel is not affected
  • OR kernel-macros is not affected
  • OR kernel-source is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 15 SP1 is installed
  • OR SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed
  • OR SUSE Linux Enterprise Server 15 SP1 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • OR SUSE Linux Enterprise Storage 6 is installed
  • OR SUSE Manager Proxy 4.0 is installed
  • OR SUSE Manager Retail Branch Server 4.0 is installed
  • OR SUSE Manager Server 4.0 is installed
  • AND kernel-source-azure is not affected
  • OR Package Information
  • SUSE Manager Proxy 4.0 is installed
  • OR SUSE Manager Retail Branch Server 4.0 is installed
  • OR SUSE Manager Server 4.0 is installed
  • AND
  • kernel-default is not affected
  • OR kernel-source is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND
  • kernel-default is not affected
  • OR kernel-default-base is not affected
  • OR kernel-default-devel is not affected
  • OR reiserfs-kmp-default is not affected
  • OR kernel-devel is not affected
  • OR kernel-macros is not affected
  • OR kernel-source is not affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • kernel-default is not affected
  • OR kernel-default-base is not affected
  • OR kernel-default-devel is not affected
  • OR kernel-default-kgraft is not affected
  • OR kernel-devel is not affected
  • OR kernel-macros is not affected
  • OR kernel-source is not affected
  • OR kernel-source-azure is not affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • kernel-default is not affected
  • OR kernel-default-base is not affected
  • OR kernel-default-devel is not affected
  • OR kernel-devel is not affected
  • OR kernel-macros is not affected
  • OR kernel-source is not affected
  • OR kernel-source-azure is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Micro 5.0 is installed
  • AND kernel-default is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Micro 5.1 is installed
  • AND Package Information
  • kernel-default is not affected
  • OR kernel-rt is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Micro 5.1 is installed
  • OR SUSE Linux Enterprise Micro 5.2 is installed
  • OR SUSE Linux Enterprise Module for Live Patching 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • AND kernel-livepatch-5_3_18-57-default-7-3.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Desktop 15 SP2 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • OR SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed
  • OR SUSE Linux Enterprise Server 15 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • OR SUSE Linux Enterprise Storage 7 is installed
  • OR SUSE Manager Proxy 4.1 is installed
  • OR SUSE Manager Retail Branch Server 4.1 is installed
  • OR SUSE Manager Server 4.1 is installed
  • AND
  • kernel-default is not affected
  • OR kernel-source is not affected
  • OR Package Information
  • SUSE Linux Enterprise High Performance Computing 15 SP2 is installed
  • OR SUSE Linux Enterprise Module for Public Cloud 15 SP2 is installed
  • OR SUSE Linux Enterprise Server 15 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • OR SUSE Linux Enterprise Storage 7 is installed
  • OR SUSE Manager Proxy 4.1 is installed
  • OR SUSE Manager Retail Branch Server 4.1 is installed
  • OR SUSE Manager Server 4.1 is installed
  • AND
  • kernel-devel-azure is not affected
  • OR kernel-source-azure is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND
  • kernel-default is not affected
  • OR kernel-source is not affected
  • OR kernel-source-azure is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • kernel-default is not affected
  • OR kernel-default-base is not affected
  • OR kernel-default-devel is not affected
  • OR kernel-default-man is not affected
  • OR kernel-devel is not affected
  • OR kernel-macros is not affected
  • OR kernel-source is not affected
  • OR kernel-devel-azure is not affected
  • OR kernel-source-azure is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND Package Information
  • kernel-default is not affected
  • OR kernel-default-base is not affected
  • OR kernel-default-devel is not affected
  • OR kernel-devel is not affected
  • OR kernel-macros is not affected
  • OR kernel-source is not affected
  • OR kernel-source-azure is not affected
    • BACK