Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP2) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2021:0841-1 Final 1 1 2021-03-17T16:23:07Z current 2021-03-17T16:23:07Z 2021-03-17T16:23:07Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP2) This update for the Linux Kernel 5.3.18-24_43 fixes several issues. The following security issues were fixed: - CVE-2020-29368: Fixed an issue in copy-on-write implementation which could have granted unintended write access because of a race condition in a THP mapcount check (bsc#1179664). - CVE-2021-3347: Fixed a use-after-free in the PI futexes during fault handling, allowing local users to execute code in the kernel (bsc#1181553). - CVE-2020-28374: Fixed insufficient identifier checking in the LIO SCSI target code which could have been used by remote attackers to read or write files via directory traversal in an XCOPY request (bsc#1178684). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2021-841,SUSE-SLE-Module-Live-Patching-15-SP2-2021-841 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2021/suse-su-20210841-1/ Link for SUSE-SU-2021:0841-1 https://lists.suse.com/pipermail/sle-security-updates/2021-March/008510.html E-Mail link for SUSE-SU-2021:0841-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1178684 SUSE Bug 1178684 https://bugzilla.suse.com/1179664 SUSE Bug 1179664 https://bugzilla.suse.com/1181553 SUSE Bug 1181553 https://www.suse.com/security/cve/CVE-2020-28374/ SUSE CVE CVE-2020-28374 page https://www.suse.com/security/cve/CVE-2020-29368/ SUSE CVE CVE-2020-29368 page https://www.suse.com/security/cve/CVE-2021-3347/ SUSE CVE CVE-2021-3347 page SUSE Linux Enterprise Live Patching 15 SP2 kernel-livepatch-5_3_18-24_43-default-3-2.2 kernel-livepatch-5_3_18-24_43-preempt-3-2.2 kernel-livepatch-5_3_18-24_43-default-3-2.2 as a component of SUSE Linux Enterprise Live Patching 15 SP2 In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. The attacker gains control over file access because I/O operations are proxied via an attacker-selected backstore. CVE-2020-28374 SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_43-default-3-2.2 important 5.5 AV:N/AC:L/Au:S/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210841-1/ https://www.suse.com/security/cve/CVE-2020-28374.html CVE-2020-28374 https://bugzilla.suse.com/1178372 SUSE Bug 1178372 https://bugzilla.suse.com/1178684 SUSE Bug 1178684 https://bugzilla.suse.com/1180676 SUSE Bug 1180676 An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1. CVE-2020-29368 SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_43-default-3-2.2 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210841-1/ https://www.suse.com/security/cve/CVE-2020-29368.html CVE-2020-29368 https://bugzilla.suse.com/1179428 SUSE Bug 1179428 https://bugzilla.suse.com/1179660 SUSE Bug 1179660 https://bugzilla.suse.com/1179664 SUSE Bug 1179664 An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458. CVE-2021-3347 SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_43-default-3-2.2 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210841-1/ https://www.suse.com/security/cve/CVE-2021-3347.html CVE-2021-3347 https://bugzilla.suse.com/1181349 SUSE Bug 1181349 https://bugzilla.suse.com/1181553 SUSE Bug 1181553 https://bugzilla.suse.com/1190859 SUSE Bug 1190859