[SUSE-SU-2021:0744-1] Security update for the Linux Kernel

Severity Important

Affected Packages 18

CVEs 4

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping (XSA-365 bsc#1181843).
CVE-2021-26931: Fixed an issue where Linux kernel was treating grant mapping errors as bugs (XSA-362 bsc#1181753).
CVE-2021-26932: Fixed improper error handling issues in Linux grant mapping (XSA-361 bsc#1181747).
CVE-2020-28374: Fixed insufficient identifier checking in the LIO SCSI target code which could have been used by remote attackers to read or write files via directory traversal in an XCOPY request (bsc#178372).

The following non-security bug was fixed:

xen/netback: fix spurious event detection for common event case (bsc#1182175).

Package	Affected Version
pkg:rpm/suse/kgraft-patch-4_4_121-92_152-default?arch=x86_64&distro=sles-12&sp=2	< 1-3.3.2
pkg:rpm/suse/kgraft-patch-4_4_121-92_152-default?arch=ppc64le&distro=sles-12&sp=2	< 1-3.3.2
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=2	< 4.4.121-92.152.2
pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=2	< 4.4.121-92.152.2

ID

SUSE-SU-2021:0744-1

Severity

important

URL

https://www.suse.com/support/update/announcement/2021/suse-su-20210744-1/

Published

2021-03-09T15:16:25
(3 years ago)

Modified

2021-03-09T15:16:25
(3 years ago)

Rights

Other Advisories

Source	Name	URL
Suse	SUSE ratings	https://www.suse.com/support/security/rating/
Suse	URL of this CSAF notice	https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_0744-1.json
Suse	URL for SUSE-SU-2021:0744-1	https://www.suse.com/support/update/announcement/2021/suse-su-20210744-1/
Suse	E-Mail link for SUSE-SU-2021:0744-1	https://lists.suse.com/pipermail/sle-security-updates/2021-March/008446.html
Bugzilla	SUSE Bug 1178372	https://bugzilla.suse.com/1178372
Bugzilla	SUSE Bug 1181747	https://bugzilla.suse.com/1181747
Bugzilla	SUSE Bug 1181753	https://bugzilla.suse.com/1181753
Bugzilla	SUSE Bug 1181843	https://bugzilla.suse.com/1181843
Bugzilla	SUSE Bug 1182175	https://bugzilla.suse.com/1182175
CVE	SUSE CVE CVE-2020-28374 page	https://www.suse.com/security/cve/CVE-2020-28374/
CVE	SUSE CVE CVE-2021-26930 page	https://www.suse.com/security/cve/CVE-2021-26930/
CVE	SUSE CVE CVE-2021-26931 page	https://www.suse.com/security/cve/CVE-2021-26931/
CVE	SUSE CVE CVE-2021-26932 page	https://www.suse.com/security/cve/CVE-2021-26932/

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/suse/kgraft-patch-4_4_121-92_152-default?arch=x86_64&distro=sles-12&sp=2	suse	kgraft-patch-4_4_121-92_152-default	< 1-3.3.2	sles-12	x86_64
Affected	pkg:rpm/suse/kgraft-patch-4_4_121-92_152-default?arch=ppc64le&distro=sles-12&sp=2	suse	kgraft-patch-4_4_121-92_152-default	< 1-3.3.2	sles-12	ppc64le
Affected	pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=2	suse	kernel-syms	< 4.4.121-92.152.2	sles-12	x86_64
Affected	pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=2	suse	kernel-syms	< 4.4.121-92.152.2	sles-12	s390x
Affected	pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=2	suse	kernel-syms	< 4.4.121-92.152.2	sles-12	ppc64le
Affected	pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=2	suse	kernel-source	< 4.4.121-92.152.2	sles-12	noarch
Affected	pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=2	suse	kernel-macros	< 4.4.121-92.152.2	sles-12	noarch
Affected	pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=2	suse	kernel-devel	< 4.4.121-92.152.2	sles-12	noarch
Affected	pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=2	suse	kernel-default	< 4.4.121-92.152.2	sles-12	x86_64
Affected	pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=2	suse	kernel-default	< 4.4.121-92.152.2	sles-12	s390x
Affected	pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=2	suse	kernel-default	< 4.4.121-92.152.2	sles-12	ppc64le
Affected	pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=2	suse	kernel-default-man	< 4.4.121-92.152.2	sles-12	s390x
Affected	pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=2	suse	kernel-default-devel	< 4.4.121-92.152.2	sles-12	x86_64
Affected	pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=2	suse	kernel-default-devel	< 4.4.121-92.152.2	sles-12	s390x
Affected	pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=2	suse	kernel-default-devel	< 4.4.121-92.152.2	sles-12	ppc64le
Affected	pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=2	suse	kernel-default-base	< 4.4.121-92.152.2	sles-12	x86_64
Affected	pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=2	suse	kernel-default-base	< 4.4.121-92.152.2	sles-12	s390x
Affected	pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=2	suse	kernel-default-base	< 4.4.121-92.152.2	sles-12	ppc64le

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date