Linux Kernel Multiple Vulnerabilities

Impact

• Denial of Service
• Elevation of Privilege
• Remote Code Execution
• Security Restriction Bypass
• Information Disclosure
• Data Manipulation

System / Technologies affected

• SUSE Linux Enterprise Debuginfo 11-SP4
• SUSE Linux Enterprise High Availability 15
• SUSE Linux Enterprise High Availability 15-SP2
• SUSE Linux Enterprise High Performance Computing 15-ESPOS
• SUSE Linux Enterprise High Performance Computing 15-LTSS
• SUSE Linux Enterprise Module for Basesystem 15-SP2
• SUSE Linux Enterprise Module for Development Tools 15-SP2
• SUSE Linux Enterprise Module for Legacy Software 15-SP2
• SUSE Linux Enterprise Module for Live Patching 15
• SUSE Linux Enterprise Module for Live Patching 15-SP2
• SUSE Linux Enterprise Module for Realtime 15-SP2
• SUSE Linux Enterprise Server 11-EXTRA
• SUSE Linux Enterprise Server 11-SP4-LTSS
• SUSE Linux Enterprise Server 12-SP5
• SUSE Linux Enterprise Server 15-LTSS
• SUSE Linux Enterprise Server for SAP 15
• SUSE Linux Enterprise Workstation Extension 15-SP2
• SUSE MicroOS 5.0
• Ubuntu 14.04 ESM
• Ubuntu 16.04 ESM
• Ubuntu 18.04 LTS
• Ubuntu 20.04 LTS
• Ubuntu 20.10
• Ubuntu 21.04

Solutions

Before installation of the software, please visit the vendor web-site for more details.

• Apply fixes issued by the vendor:

  https://www.suse.com/support/update/announcement/2021/suse-su-202114724-1/

  https://www.suse.com/support/update/announcement/2021/suse-su-20211571-1/

  https://www.suse.com/support/update/announcement/2021/suse-su-20211572-1/

  https://www.suse.com/support/update/announcement/2021/suse-su-20211573-1/

  https://www.suse.com/support/update/announcement/2021/suse-su-20211574-1/

  https://ubuntu.com/security/notices/USN-4945-1

  https://ubuntu.com/security/notices/USN-4946-1

  https://ubuntu.com/security/notices/USN-4947-1

  https://ubuntu.com/security/notices/USN-4948-1

  https://ubuntu.com/security/notices/USN-4949-1

  https://ubuntu.com/security/notices/USN-4950-1

Vulnerability Identifier

• CVE-2019-2308
• CVE-2020-0433
• CVE-2020-25639
• CVE-2020-25670
• CVE-2020-25671
• CVE-2020-25672
• CVE-2020-25673
• CVE-2020-27170
• CVE-2020-27171
• CVE-2020-27673
• CVE-2020-27815
• CVE-2020-35519
• CVE-2020-36310
• CVE-2020-36311
• CVE-2020-36312
• CVE-2020-36322
• CVE-2021-3428
• CVE-2021-3444
• CVE-2021-3483
• CVE-2021-3489
• CVE-2021-3490
• CVE-2021-3491
• CVE-2021-20219
• CVE-2021-20261
• CVE-2021-20292
• CVE-2021-26930
• CVE-2021-26931
• CVE-2021-27363
• CVE-2021-27364
• CVE-2021-27365
• CVE-2021-28038
• CVE-2021-28375
• CVE-2021-28660
• CVE-2021-28688
• CVE-2021-28950
• CVE-2021-28951
• CVE-2021-28952
• CVE-2021-28964
• CVE-2021-28971
• CVE-2021-28972
• CVE-2021-29154
• CVE-2021-29155
• CVE-2021-29264
• CVE-2021-29265
• CVE-2021-29266
• CVE-2021-29646
• CVE-2021-29647
• CVE-2021-29649
• CVE-2021-29650
• CVE-2021-29657
• CVE-2021-30002
• CVE-2021-31916

Source

• SUSE
• Ubuntu
• AusCERT

Related Link

https://www.suse.com/support/update/announcement/2021/suse-su-202114724-1/

https://www.suse.com/support/update/announcement/2021/suse-su-20211571-1/

https://www.suse.com/support/update/announcement/2021/suse-su-20211572-1/

https://www.suse.com/support/update/announcement/2021/suse-su-20211573-1/

https://www.suse.com/support/update/announcement/2021/suse-su-20211574-1/

https://ubuntu.com/security/notices/USN-4945-1

https://ubuntu.com/security/notices/USN-4946-1

https://ubuntu.com/security/notices/USN-4947-1

https://ubuntu.com/security/notices/USN-4948-1

https://ubuntu.com/security/notices/USN-4949-1

https://ubuntu.com/security/notices/USN-4950-1

https://www.auscert.org.au/bulletins/ESB-2021.1622

https://www.auscert.org.au/bulletins/ESB-2021.1623

https://www.auscert.org.au/bulletins/ESB-2021.1624

https://www.auscert.org.au/bulletins/ESB-2021.1625

https://www.auscert.org.au/bulletins/ESB-2021.1635