Main Vulnerability Database SB2021081247

SB2021081247 - SUSE update for the Linux Kernel

Published: August 12, 2021

Security Bulletin ID SB2021081247

Severity

Medium

Patch available

YES

Number of vulnerabilities 5

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.

1) Information disclosure (CVE-ID: CVE-2021-21781)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output in the ARM SIGPAGE functionality. A userland application can read the contents of the sigpage, which can leak kernel memory contents.

2) Buffer overflow (CVE-ID: CVE-2021-22543)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in Linux kernel when handling VM_IO|VM_PFNMAP vmas in KVM. A local user can can bypass RO checks and cause the pages to get freed while still accessible by the VMM and guest. As a result, an attacker with the ability to start and control a VM to read/write random pages of memory, can trigger memory corruption and execute arbitrary code with elevated privileges.

3) Integer overflow (CVE-ID: CVE-2021-33909)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow during size_t-to-int conversion when creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB. An unprivileged local user can write up to 10-byte string to an offset of exactly -2GB-10B below the beginning of a vmalloc()ated kernel buffer.

Successful exploitation of vulnerability may allow an attacker to exploit the our-of-bounds write vulnerability to execute arbitrary code with root privileges.

4) NULL pointer dereference (CVE-ID: CVE-2021-3659)

The vulnerability allows a local usre to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the way the user closes the LR-WPAN connection within the IEEE 802.15.4 wireless networking subsystem. A local user can perform a denial of service (DoS) attack.

5) Out-of-bounds write (CVE-ID: CVE-2021-37576)

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to a boundary error in arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform. An attacker on KVM guest OS can cause host OS memory corruption via rtas_args.nargs and execute arbitrary code on the host OS.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2021/suse-su-20212678-1/

Vulnerable Software

SUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
kernel-source-rt: before 5.3.18-48.1
kernel-devel-rt: before 5.3.18-48.1
ocfs2-kmp-rt-debuginfo: before 5.3.18-48.1
ocfs2-kmp-rt: before 5.3.18-48.1
kernel-syms-rt: before 5.3.18-48.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-48.1
kernel-rt_debug-devel: before 5.3.18-48.1
kernel-rt_debug-debugsource: before 5.3.18-48.1
kernel-rt_debug-debuginfo: before 5.3.18-48.1
kernel-rt_debug: before 5.3.18-48.1
kernel-rt-devel-debuginfo: before 5.3.18-48.1
kernel-rt-devel: before 5.3.18-48.1
gfs2-kmp-rt-debuginfo: before 5.3.18-48.1
gfs2-kmp-rt: before 5.3.18-48.1
dlm-kmp-rt-debuginfo: before 5.3.18-48.1
dlm-kmp-rt: before 5.3.18-48.1
cluster-md-kmp-rt-debuginfo: before 5.3.18-48.1
cluster-md-kmp-rt: before 5.3.18-48.1
kernel-rt-debugsource: before 5.3.18-48.1
kernel-rt-debuginfo: before 5.3.18-48.1
kernel-rt: before 5.3.18-48.1

SB2021081247 - SUSE update for the Linux Kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human