Overview

File _patchinfo of Package patchinfo.20458

<patchinfo incident="20458">
<issue id="2021-33909" tracker="cve"/>
  <issue id="1188062" tracker="bnc">VUL-0: EMBARGOED: CVE-2021-33909: kernel-source: size_t-to-int vulnerability in Linux's filesystem layer</issue>
<issue id="2021-22555" tracker="cve"/>
  <issue id="1188116" tracker="bnc">VUL-0: CVE-2021-22555: kernel-source-azure,kernel-source-rt,kernel-source: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c</issue>
<issue id="1188116" tracker="bnc"/>
  <category>security</category>
  <rating>important</rating>
  <packager>dkirjanov</packager>
  <summary>Security update for the Linux Kernel</summary>
<reboot_needed/>
  <description>
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.

Security issues fixed:

- CVE-2021-22555: A heap out-of-bounds write was discovered in net/netfilter/x_tables.c (bnc#1188116).
- CVE-2021-33909: Extremely large seq buffer allocations in seq_file could lead to buffer underruns and code execution (bsc#1188062).

The following non-security bugs were fixed:

- usb: dwc3: Fix debugfs creation flow (git-fixes).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places