The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2014-7841: Fixed denial of service via a malformed SCTP INIT chunk when ASCONF is used (bnc#905100). - CVE-2020-24586: Fixed arbitrary network packet injection via fragmented frames encrypted using WEP, CCMP, or GCMP (bnc#1185859). - CVE-2020-24587: Fixed data leak when fragments of a frame are not encrypted with the same key and the WEP, CCMP, or GCMP encryption key is periodically renewed (bnc#1185859, bnc#1185862). - CVE-2020-24588: Fixed arbitrary network packet injection via specially crafted non-SSP A-MSDU frames (bnc#1185861). - CVE-2020-26139: Fixed denial of service in protected Wi-Fi newtwors via EAPOL frames forwarding (bnc#1186062). - CVE-2020-35519: Fixed out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c (bnc#1183696). - CVE-2020-36322: Fixed system crash in the FUSE filesystem implementation (bnc#1184211). - CVE-2020-36385: Fixed user-after-free issue in drivers/infiniband/core/ucma.c (bnc#1187050). - CVE-2020-36386: Fixed slab out-of-bounds read in hci_extended_inquiry_result_evt funcion in net/bluetooth/hci_event.c (bnc#1187038). - CVE-2021-0512: Fixed local privilege escalation via a buffer overflow in __hidinput_change_resolution_multipliers of hid-input.c (bnc#1187595). - CVE-2021-20261: Fixed race condition in the floppy disk drive controller driver software (bnc#1183400). - CVE-2021-20265: Fixed denial of service by unprivileged local users via the the unix_stream_recvmsg function in the Linux kernel when a signal was pending (bnc#1183089). - CVE-2021-27363: Fixed kernel pointer leak in iSCSI subsystem (bnc#1182716). - CVE-2021-27364: Fixed iscsi_if_recv_msg() allows non-root users to connect and send commands (bnc#1182717). - CVE-2021-27365: Fixed missing length checks in iSCSI data structures (bnc#1182715). - CVE-2021-28950: Fixed stall on CPU in fs/fuse/fuse_i.h (bnc#1184194). - CVE-2021-28972: Fixed buffer overflow in In drivers/pci/hotplug/rpadlpar_sysfs.c (bnc#1184198). - CVE-2021-29154: Fixed arbitrary code execution within the kernel context due to BPF JIT compilers incorrect computation of branch displacements (bnc#1184391). - CVE-2021-29650: Fixed denial of service in the netfilter subsystem upon the assignment of a new table value (bnc#1184208). - CVE-2021-30002: Fixed memory leak for large arguments in video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c (bnc#1184120). - CVE-2021-32399: Fixed race condition in net/bluetooth/hci_request.c (bnc#1184611). - CVE-2021-33033: Fixed a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled (bsc#1186109). - CVE-2021-34693: Fixed leak of sensitive information from kernel stack memory via partially uninitialized data structures in net/can/bcm.c (bnc#1187452). - CVE-2021-3483: Fixed user-after-free in the Nosy driver in the Linux kernel (bnc#1184393). - CVE-2021-3609: Fixed local privilege escalation via a race condition in net/can/bcm.c (bsc#1187215). - CVE-2021-3640: Fixed Use-After-Free vulnerability in function sco_sock_sendmsg() (bsc#1188172). - CVE-2021-3653: Fixed flaw in KVM's AMD code for supporting SVM nested virtualization that could lead to system crash, data leak or guest-to-host escape (bnc#1189399). - CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets, which may have allowed the kernel to read uninitialized memory (bsc#1188563). - CVE-2021-3679: Fixed denial of service flaw in the Linux kernel tracing module functionality (bnc#1189057). - CVE-2021-37159: Fixed use-after-free and a double free inside hso_free_net_device in drivers/net/usb/hso.c when unregister_netdev is called without checking for the NETREG_REGISTERED state (bnc#1188601). - CVE-2021-3772: Fixed sctp vtag check in sctp_sf_ootb (bsc#1190351). - CVE-2021-38160: Fixed data corruption or loss that could be triggered by untrusted device in drivers/char/virtio_console.c (bsc#1190117). - CVE-2021-38198: Fixed shadow page memory access permission in arch/x86/kvm/mmu/paging_tmpl.h that could lead to a missing guest protection page fault (bnc#1189262). - CVE-2021-42008: Fixed a slab out-of-bounds write in the decode_data function in drivers/net/hamradio/6pack.c. Input from a process that had the CAP_NET_ADMIN capability could have lead to root access (bsc#1191315). - CVE-2021-42739: The firewire subsystem had a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled bounds checking (bsc#1184673). - CVE-2021-43389: Fixed array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c (bnc#1191958).
The following non-security bugs were fixed:
- sched: Fix possible divide by zero in avg_atom() calculation (bsc#1191884).
openSUSE Leap 42.3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP2-ESPOS SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP3-BCL SUSE Linux Enterprise Server for SAP Applications 12 SP3-ESPOS SUSE Linux Enterprise Server for SAP Applications 12 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP4-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SP5 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8