Details
-
Improvement
-
Resolution: Fixed
-
Minor
-
None
-
None
-
9223372036854775807
Description
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2021-26930: Fixed an improper error handling in blkback's grant
mapping (XSA-365 bsc#1181843). - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant
mapping errors as bugs (XSA-362 bsc#1181753). - CVE-2021-26932: Fixed improper error handling issues in Linux grant
mapping (XSA-361 bsc#1181747). by remote attackers to read or write
files via directory traversal in an XCOPY request (bsc#178372). - CVE-2020-12362: Fixed an integer overflow in the firmware which may have
allowed a privileged user to potentially enable an escalation of
privilege via local access (bsc#1181720). - CVE-2020-12363: Fixed an improper input validation which may have
allowed a privileged user to potentially enable a denial of service via
local access (bsc#1181735). - CVE-2020-12364: Fixed a null pointer reference which may have allowed a
privileged user to potentially enable a denial of service via local
access (bsc#1181736 ). - CVE-2020-12373: Fixed an expired pointer dereference which may have
allowed a privileged user to potentially enable a denial of service via
local access (bsc#1181738). - CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write
implementation which could have granted unintended write access because
of a race condition in a THP mapcount check (bsc#1179660, bsc#1179428).
The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2021-March/008452.html