Oval Definition:oval:org.opensuse.security:def:86666
Revision Date:2021-10-18Version:1
Title:Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)
Description:

This update for the Linux Kernel 4.4.180-94_144 fixes several issues.

The following security issues were fixed:

- CVE-2021-3715: Fixed a user-after-free in the Linux kernel's Traffic Control networking subsystem which could lead to local privilege escalation. (bsc#1190350). - CVE-2021-38160: Fixed a bug that could lead to a data corruption or loss. This can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/char/virtio_console.c (bsc#1190118) - CVE-2021-3640: Fixed a user-after-free bug in the function sco_sock_sendmsg which could lead to local privilege escalation. (bsc#1188613) - CVE-2021-3573: Fixed a user-after-free bug in the function hci_sock_bound_ioctl which could lead to local privilege escalation. (bsc#1187054).
Family:unixClass:patch
Status:Reference(s):1187054
1188613
1190118
1190350
CVE-2021-3573
CVE-2021-3640
CVE-2021-3715
CVE-2021-38160
Platform(s):SUSE Linux Enterprise Server 12 SP3-ESPOS
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND kgraft-patch-4_4_180-94_144-default-7-2.1 is installed
  • BACK