| Revision Date: | 2021-06-18 | Version: | 1 |
| Title: | Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important) |
| Description: |
This update for the Linux Kernel 4.4.180-94_144 fixes several issues.
The following issues were fixed:
- CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values (bsc#1186111). - CVE-2021-28688: Fixed an issue introduced by XSA-365, leaving around zombie domains after xen guest has died (bsc#1183646). - CVE-2020-0429: In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with system execution privileges needed. (bsc#1176724). - Fixed a regression with the last livepatch which caused a kernel warning during sysfs read (bsc#1186235).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1176931
1182294
1186235
1186285
CVE-2020-0429
CVE-2021-28688
CVE-2021-33034
|
| Platform(s): | SUSE Linux Enterprise Server 12 SP3-ESPOS
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND kgraft-patch-4_4_180-94_144-default-2-2.1 is installed
|