ALT-PU-2021-2699-1
Package kernel-image-std-def updated to version 4.9.281-alt0.M80P.1 for branch p8 in task 283976.
Closed vulnerabilities
BDU:2021-04028
Уязвимость функции rtas_args.nargs драйвера arch/powerpc/kvm/book3s_rtas.c ядра операционной системы Linux, позволяющая нарушителю вызвать повреждение памяти операционной системы хоста
BDU:2021-04846
Уязвимость функции hci_sock_bound_ioctl () подсистемы HCI ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код в контексте ядра
BDU:2022-00682
Уязвимость подсистемы виртуализации KVM ядра операционной системы Linux, связанная с недостатками разграничения доступа, позволяющая нарушителю повысить свои привилегии
BDU:2022-05781
Уязвимость функции decode_data компонента drivers/net/hamradio/6pack.c ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2021-3573
A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5.
- [oss-security] 20230702 CVE-2023-3439: Linux MCTP use-after-free in mctp_sendmsg
- [oss-security] 20230702 CVE-2023-3439: Linux MCTP use-after-free in mctp_sendmsg
- https://bugzilla.redhat.com/show_bug.cgi?id=1966578
- https://bugzilla.redhat.com/show_bug.cgi?id=1966578
- https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52
- https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52
- https://www.openwall.com/lists/oss-security/2021/06/08/2
- https://www.openwall.com/lists/oss-security/2021/06/08/2
Modified: 2024-11-21
CVE-2021-3653
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.
- http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html
- http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1983686
- https://bugzilla.redhat.com/show_bug.cgi?id=1983686
- [debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update
- [debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update
- [debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update
- [debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update
- https://www.openwall.com/lists/oss-security/2021/08/16/1
- https://www.openwall.com/lists/oss-security/2021/08/16/1
Modified: 2024-11-21
CVE-2021-37576
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
- [oss-security] 20210727 Re: Linux kernel: powerpc: KVM guest to host memory corruption
- [oss-security] 20210727 Re: Linux kernel: powerpc: KVM guest to host memory corruption
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f62f3c20647ebd5fb6ecb8f0b477b9281c44c10a
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f62f3c20647ebd5fb6ecb8f0b477b9281c44c10a
- FEDORA-2021-12618d9b08
- FEDORA-2021-12618d9b08
- FEDORA-2021-817b3d47d2
- FEDORA-2021-817b3d47d2
- https://lore.kernel.org/linuxppc-dev/87im0x1lqi.fsf%40mpe.ellerman.id.au/T/#u
- https://lore.kernel.org/linuxppc-dev/87im0x1lqi.fsf%40mpe.ellerman.id.au/T/#u
- https://security.netapp.com/advisory/ntap-20210917-0005/
- https://security.netapp.com/advisory/ntap-20210917-0005/
- DSA-4978
- DSA-4978
Modified: 2024-11-21
CVE-2021-42008
The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.13
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.13
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19d1532a187669ce86d5a2696eb7275310070793
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19d1532a187669ce86d5a2696eb7275310070793
- [debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update
- [debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update
- https://security.netapp.com/advisory/ntap-20211104-0002/
- https://security.netapp.com/advisory/ntap-20211104-0002/
- https://www.youtube.com/watch?v=d5f9xLK8Vhw
- https://www.youtube.com/watch?v=d5f9xLK8Vhw