|Category:||SuSE Local Security Checks|
|Title:||SUSE: Security Advisory (SUSE-SU-2021:14724-1)|
|Summary:||The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2021:14724-1 advisory.|
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2021:14724-1 advisory.
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).
CVE-2021-30002: Fixed a memory leak for large arguments in
CVE-2021-29650: Fixed an issue where the netfilter subsystem allowed
attackers to cause a denial of service (bsc#1184208).
CVE-2021-28972: Fixed a user-tolerable buffer overflow when writing a
new device name to the driver from userspace, allowing userspace to
write data to the kernel stack frame directly (bsc#1184198).
CVE-2021-28950: Fixed an infinite loop because a retry loop continually
finds the same bad inode (bsc#1184194).
CVE-2021-27365: Fixed an issue where an unprivileged user can send a
Netlink message that is associated with iSCSI, and has a length up to
the maximum length of a Netlink message (bsc#1182715).
CVE-2021-27364: Fixed an issue where an attacker could craft Netlink
CVE-2021-27363: Fixed a kernel pointer leak which could have been used
to determine the address of the iscsi_transport structure (bsc#1182716).
CVE-2021-20261: Fixed a race condition in the implementation of the
floppy disk drive controller driver software (bsc#1183400).
CVE-2020-36322: Fixed an issue in the FUSE filesystem implementation
which could have caused a system crash (bsc#1184211).
CVE-2020-35519: Fixed an out-of-bounds memory access was found in
The following non-security bugs were fixed:
md: md.c: Return -ENODEV when mddev is NULL in rdev_attr_show
'Linux Kernel' package(s) on SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Debuginfo 11-SP4
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2021-3483|
|Copyright||Copyright (C) 2021 Greenbone Networks GmbH|
|This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.