suse-su-2021:2407-1
Vulnerability from csaf_suse
Published
2021-07-20 12:40
Modified
2021-07-20 12:40
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bnc#1188116)
- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges (bsc#1188062).
- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation (bsc#1187215).
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation (bsc#1187050).
The following non-security bugs were fixed:
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (git-fixes).
- arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- can: flexcan: disable completely the ECC mechanism (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- can: xilinx_can: xcan_chip_start(): fix failure with invalid bus (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- crypto: cavium/nitrox - Fix an error rhandling path in 'nitrox_probe()' (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (12sp5).
- cxgb4: fix wrong shift (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188273).
- fuse: reject internal errno (bsc#1188274).
- genirq: Disable interrupts for force threaded handlers (git-fixes)
- genirq: Fix reference leaks on irq affinity notifiers (git-fixes)
- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (git-fixes)
- genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)
- gve: Fix swapped vars when fetching max queues (git-fixes).
- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).
- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).
- HID: hid-sensor-hub: Return error for hid_set_field() failure (git-fixes).
- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: trigger: fix potential deadlock with libata (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- lpfc: Decouple port_template and vport_template (bsc#1185032).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] (git-fixes).
- mlxsw: spectrum: Do not process learned records with a dummy FID (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- net: caif: Fix debugfs on 64-bit platforms (git-fixes).
- net: dsa: qca8k: Use up to 7 ports for all operations (git-fixes).
- net: stmmac: Correctly take timestamp for PTPv2 (git-fixes).
- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
- netsec: restore phy power state after controller reset (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).
- PCI: Mark TI C667X to avoid bus reset (git-fixes).
- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'hwmon: (lm80) fix a missing check of bus read in lm80 probe' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- Revert 'PCI: PM: Do not read power state in pci_enable_device_flags()' (git-fixes).
- Revert 'USB: cdc-acm: fix rounding error in TIOCSSERIAL' (git-fixes).
- sched/cpufreq/schedutil: Fix error path mutex unlock (git-fixes)
- sched/fair: Do not assign runtime for throttled cfs_rq (git-fixes)
- sched/fair: Fix unfairness caused by missing load decay (git-fixes)
- sched/numa: Fix a possible divide-by-zero (git-fixes)
- scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (bsc#1185995).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1188010).
- serial: mvebu-uart: clarify the baud rate derivation (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).
- x86/debug: Extend the lower bound of crash kernel low reservations (bsc#1153720).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
Patchnames
SUSE-2021-2407,SUSE-SLE-SERVER-12-SP5-2021-2407
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bnc#1188116)\n- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges (bsc#1188062).\n- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation (bsc#1187215).\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation (bsc#1187050).\n\nThe following non-security bugs were fixed:\n\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (git-fixes).\n- arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- can: flexcan: disable completely the ECC mechanism (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- can: xilinx_can: xcan_chip_start(): fix failure with invalid bus (git-fixes).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- crypto: cavium/nitrox - Fix an error rhandling path in \u0027nitrox_probe()\u0027 (git-fixes).\n- crypto: ccp - Fix a resource leak in an error handling path (12sp5).\n- cxgb4: fix wrong shift (git-fixes).\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188273).\n- fuse: reject internal errno (bsc#1188274).\n- genirq: Disable interrupts for force threaded handlers (git-fixes)\n- genirq: Fix reference leaks on irq affinity notifiers (git-fixes)\n- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (git-fixes)\n- genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).\n- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).\n- HID: hid-sensor-hub: Return error for hid_set_field() failure (git-fixes).\n- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: trigger: fix potential deadlock with libata (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- lpfc: Decouple port_template and vport_template (bsc#1185032).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] (git-fixes).\n- mlxsw: spectrum: Do not process learned records with a dummy FID (git-fixes).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- net: caif: Fix debugfs on 64-bit platforms (git-fixes).\n- net: dsa: qca8k: Use up to 7 ports for all operations (git-fixes).\n- net: stmmac: Correctly take timestamp for PTPv2 (git-fixes).\n- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).\n- netsec: restore phy power state after controller reset (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).\n- PCI: Mark TI C667X to avoid bus reset (git-fixes).\n- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027hwmon: (lm80) fix a missing check of bus read in lm80 probe\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- Revert \u0027PCI: PM: Do not read power state in pci_enable_device_flags()\u0027 (git-fixes).\n- Revert \u0027USB: cdc-acm: fix rounding error in TIOCSSERIAL\u0027 (git-fixes).\n- sched/cpufreq/schedutil: Fix error path mutex unlock (git-fixes)\n- sched/fair: Do not assign runtime for throttled cfs_rq (git-fixes)\n- sched/fair: Fix unfairness caused by missing load decay (git-fixes)\n- sched/numa: Fix a possible divide-by-zero (git-fixes)\n- scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (bsc#1185995).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1188010).\n- serial: mvebu-uart: clarify the baud rate derivation (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).\n- x86/debug: Extend the lower bound of crash kernel low reservations (bsc#1153720).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2407,SUSE-SLE-SERVER-12-SP5-2021-2407",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2407-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2407-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212407-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2407-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009167.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1153720",
"url": "https://bugzilla.suse.com/1153720"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1185032",
"url": "https://bugzilla.suse.com/1185032"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1185995",
"url": "https://bugzilla.suse.com/1185995"
},
{
"category": "self",
"summary": "SUSE Bug 1187050",
"url": "https://bugzilla.suse.com/1187050"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1187934",
"url": "https://bugzilla.suse.com/1187934"
},
{
"category": "self",
"summary": "SUSE Bug 1188010",
"url": "https://bugzilla.suse.com/1188010"
},
{
"category": "self",
"summary": "SUSE Bug 1188062",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "self",
"summary": "SUSE Bug 1188116",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "self",
"summary": "SUSE Bug 1188273",
"url": "https://bugzilla.suse.com/1188273"
},
{
"category": "self",
"summary": "SUSE Bug 1188274",
"url": "https://bugzilla.suse.com/1188274"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36385 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33909 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-07-20T12:40:21Z",
"generator": {
"date": "2021-07-20T12:40:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2407-1",
"initial_release_date": "2021-07-20T12:40:21Z",
"revision_history": [
{
"date": "2021-07-20T12:40:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.12.14-16.65.1.noarch",
"product": {
"name": "kernel-devel-azure-4.12.14-16.65.1.noarch",
"product_id": "kernel-devel-azure-4.12.14-16.65.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.12.14-16.65.1.noarch",
"product": {
"name": "kernel-source-azure-4.12.14-16.65.1.noarch",
"product_id": "kernel-source-azure-4.12.14-16.65.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "dlm-kmp-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "gfs2-kmp-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-base-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-base-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-devel-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-extra-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-kgraft-devel-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-kgraft-devel-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-kgraft-devel-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.12.14-16.65.1.x86_64",
"product_id": "kernel-syms-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "kselftests-kmp-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.12.14-16.65.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.65.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.65.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36385"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36385",
"url": "https://www.suse.com/security/cve/CVE-2020-36385"
},
{
"category": "external",
"summary": "SUSE Bug 1187050 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187050"
},
{
"category": "external",
"summary": "SUSE Bug 1187052 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187052"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1196174 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196174"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196810"
},
{
"category": "external",
"summary": "SUSE Bug 1196914 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196914"
},
{
"category": "external",
"summary": "SUSE Bug 1200084 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1200084"
},
{
"category": "external",
"summary": "SUSE Bug 1201734 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1201734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "important"
}
],
"title": "CVE-2020-36385"
},
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-33909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33909"
}
],
"notes": [
{
"category": "general",
"text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33909",
"url": "https://www.suse.com/security/cve/CVE-2021-33909"
},
{
"category": "external",
"summary": "SUSE Bug 1188062 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "external",
"summary": "SUSE Bug 1188063 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188063"
},
{
"category": "external",
"summary": "SUSE Bug 1188257 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188257"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1190859 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1190859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "important"
}
],
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "important"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "moderate"
}
],
"title": "CVE-2021-3612"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…