SUSE-SU-2021:3459-1 -- SLES kgraft-patchID: oval:org.secpod.oval:def:89045727 | Date: (C)2021-10-25 (M)2024-05-22 |
Class: PATCH | Family: unix |
This update for the Linux Kernel 4.4.180-94_147 fixes several issues. The following security issues were fixed: - CVE-2021-3715: Fixed a user-after-free in the Linux kernel"s Traffic Control networking subsystem which could lead to local privilege escalation. - CVE-2021-38160: Fixed a bug that could lead to a data corruption or loss. This can be triggered by an untrusted device that supplies a buf-len value exceeding the buffer size in drivers/char/virtio_console.c - CVE-2021-3640: Fixed a user-after-free bug in the function sco_sock_sendmsg which could lead to local privilege escalation. - CVE-2021-3573: Fixed a user-after-free bug in the function hci_sock_bound_ioctl which could lead to local privilege escalation. .
Platform: |
SUSE Linux Enterprise Server 12 SP3 |