Oval Definition:oval:org.opensuse.security:def:97275
Revision Date:2021-03-09Version:1
Title:Security update for the Linux Kernel (Important)
Description:

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping (XSA-365 bsc#1181843). - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant mapping errors as bugs (XSA-362 bsc#1181753). - CVE-2021-26932: Fixed improper error handling issues in Linux grant mapping (XSA-361 bsc#1181747). by remote attackers to read or write files via directory traversal in an XCOPY request (bsc#178372). - CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write implementation which could have granted unintended write access because of a race condition in a THP mapcount check (bsc#1179660, bsc#1179428).

The following non-security bugs were fixed:

- kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082) - kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). - rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014) - rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014) %split_extra still contained two. - rpm/kernel-binary.spec.in: Fix compressed module handling for in-tree KMP (jsc#SLE-10886) The in-tree KMP that is built with SLE kernels have a different scriptlet that is embedded in kernel-binary.spec.in rather than *.sh files. - rpm/kernel-binary.spec.in: use grep -E instead of egrep (bsc#1179045) egrep is only a deprecated bash wrapper for 'grep -E'. So use the latter instead. - rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592) - rpm/kernel-obs-build.spec.in: Add -q option to modprobe calls (bsc#1178401) - rpm/kernel-{source,binary}.spec: do not include ghost symlinks (boo#1179082). - rpm/mkspec: do not build kernel-obs-build on x86_32 We want to use 64bit kernel due to various bugs (bsc#1178762 to name one). - rpm/post.sh: Avoid purge-kernel for the first installed kernel (bsc#1180058) - xen/netback: avoid race in xenvif_rx_ring_slots_available() (bsc#1065600). - xen/netback: fix spurious event detection for common event case (bsc#1182175).
Family:unixClass:patch
Status:Reference(s):1065600
1163592
1178401
1178762
1179014
1179015
1179045
1179082
1179428
1179660
1180058
1181747
1181753
1181843
1182140
1182175
CVE-2020-29368
CVE-2020-29374
CVE-2021-26930
CVE-2021-26931
CVE-2021-26932
SUSE-SU-2021:0740-1
Platform(s):openSUSE Leap 15.3 SLE Imports
Product(s):
Definition Synopsis
  • openSUSE Leap 15.3 SLE Imports is installed
  • AND Package Information
  • cluster-md-kmp-default-4.12.14-150.69.1 is installed
  • OR dlm-kmp-default-4.12.14-150.69.1 is installed
  • OR gfs2-kmp-default-4.12.14-150.69.1 is installed
  • OR kernel-debug-4.12.14-150.69.1 is installed
  • OR kernel-debug-base-4.12.14-150.69.1 is installed
  • OR kernel-debug-devel-4.12.14-150.69.1 is installed
  • OR kernel-debug-livepatch-devel-4.12.14-150.69.1 is installed
  • OR kernel-default-4.12.14-150.69.1 is installed
  • OR kernel-default-base-4.12.14-150.69.1 is installed
  • OR kernel-default-devel-4.12.14-150.69.1 is installed
  • OR kernel-default-extra-4.12.14-150.69.1 is installed
  • OR kernel-default-livepatch-4.12.14-150.69.1 is installed
  • OR kernel-default-livepatch-devel-4.12.14-150.69.1 is installed
  • OR kernel-default-man-4.12.14-150.69.1 is installed
  • OR kernel-devel-4.12.14-150.69.1 is installed
  • OR kernel-docs-4.12.14-150.69.1 is installed
  • OR kernel-docs-html-4.12.14-150.69.1 is installed
  • OR kernel-kvmsmall-4.12.14-150.69.1 is installed
  • OR kernel-kvmsmall-base-4.12.14-150.69.1 is installed
  • OR kernel-kvmsmall-devel-4.12.14-150.69.1 is installed
  • OR kernel-kvmsmall-livepatch-devel-4.12.14-150.69.1 is installed
  • OR kernel-livepatch-4_12_14-150_69-default-1-1.3.1 is installed
  • OR kernel-macros-4.12.14-150.69.1 is installed
  • OR kernel-obs-build-4.12.14-150.69.1 is installed
  • OR kernel-obs-qa-4.12.14-150.69.1 is installed
  • OR kernel-source-4.12.14-150.69.1 is installed
  • OR kernel-source-vanilla-4.12.14-150.69.1 is installed
  • OR kernel-syms-4.12.14-150.69.1 is installed
  • OR kernel-vanilla-4.12.14-150.69.1 is installed
  • OR kernel-vanilla-base-4.12.14-150.69.1 is installed
  • OR kernel-vanilla-devel-4.12.14-150.69.1 is installed
  • OR kernel-vanilla-livepatch-devel-4.12.14-150.69.1 is installed
  • OR kernel-zfcpdump-4.12.14-150.69.1 is installed
  • OR kernel-zfcpdump-man-4.12.14-150.69.1 is installed
  • OR kselftests-kmp-default-4.12.14-150.69.1 is installed
  • OR ocfs2-kmp-default-4.12.14-150.69.1 is installed
  • OR reiserfs-kmp-default-4.12.14-150.69.1 is installed
    • BACK