| Revision Date: | 2021-06-18 | Version: | 1 |
| Title: | Security update for the Linux Kernel (Live Patch 24 for SLE 15) (Important) |
| Description: |
This update for the Linux Kernel 4.12.14-150_72 fixes several issues.
The following security issues were fixed:
- CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel memory (bsc#1186484). - CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values (bsc#1186111). - CVE-2021-23134: A Use After Free vulnerability in nfc sockets allowed local attackers to elevate their privileges (bnc#1186060). - CVE-2021-32399: Fixed a race condition when removing the HCI controller (bnc#1184611).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1185899
1186061
1186285
1186498
CVE-2021-23134
CVE-2021-32399
CVE-2021-33034
CVE-2021-33200
SUSE-SU-2021:2057-1
|
| Platform(s): | openSUSE Leap 15.3 SLE Imports
| Product(s): | |
| Definition Synopsis |
| openSUSE Leap 15.3 SLE Imports is installed AND kernel-livepatch-4_12_14-150_72-default-2-2.1 is installed
|