Linux Kernel Multiple Vulnerabilities

Impact

• Security Restriction Bypass
• Remote Code Execution
• Data Manipulation
• Information Disclosure
• Denial of Service

System / Technologies affected

Suse

• SUSE Linux Enterprise Module for Public Cloud 15-SP3

Ubuntu

• Ubuntu 21.10
• Ubuntu 21.04
• Ubuntu 20.04 LTS
• Ubuntu 18.04 LTS

Solutions

Before installation of the software, please visit the vendor web-site for more details.

• Apply fixes issued by the vendor:
• Suse
  • https://www.suse.com/support/update/announcement/2022/suse-su-20220056-1/
• Ubuntu
  • https://ubuntu.com/security/notices/USN-5217-1
  • https://ubuntu.com/security/notices/USN-5218-1
  • https://ubuntu.com/security/notices/USN-5219-1
  • https://ubuntu.com/security/notices/USN-5222-1

Vulnerability Identifier

• CVE-2020-24504
• CVE-2020-27820
• CVE-2021-28711
• CVE-2021-28712
• CVE-2021-28713
• CVE-2021-28714
• CVE-2021-28715
• CVE-2021-33098
• CVE-2021-4001
• CVE-2021-4002
• CVE-2021-43975
• CVE-2021-43976
• CVE-2021-45485
• CVE-2021-45486
• CVE-2021-45105
• CVE-2021-44832
• CVE-2021-4090
• CVE-2021-4204
• CVE-2021-20321
• CVE-2021-3760
• CVE-2021-41864
• CVE-2021-43056
• CVE-2021-43267
• CVE-2021-43389

Source

• SUSE
• Ubuntu
• AusCERT

Related Link

• https://www.suse.com/support/update/announcement/2022/suse-su-20220056-1/
• https://ubuntu.com/security/notices/USN-5217-1
• https://ubuntu.com/security/notices/USN-5218-1
• https://ubuntu.com/security/notices/USN-5219-1
• https://ubuntu.com/security/notices/USN-5222-1
• https://www.auscert.org.au/bulletins/ESB-2022.0121
• https://www.auscert.org.au/bulletins/ESB-2022.0128
• https://www.auscert.org.au/bulletins/ESB-2022.0126
• https://www.auscert.org.au/bulletins/ESB-2022.0127
• https://www.auscert.org.au/bulletins/ESB-2022.0125