QID 750014

The suse linux enterprise 12 sp2 ltss kernel was updated to receive various security and bugfixes..
the following security bugs were fixed: - cve-2020-36312: fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bnc#1184509)..
- cve-2021-29650: fixed an issue inside the netfilter subsystem that allowed attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value (bnc#1184208)..
- cve-2020-27673: fixed an issue in xen where a guest os users could have caused a denial of service (host os hang) via a high rate of events to dom0 (bnc#1177411, bnc#1184583)..
- cve-2021-29154: fixed bpf jit compilers that allowed to execute arbitrary code within the kernel context (bnc#1184391)..
- cve-2020-25673: fixed nfc endless loops caused by repeated llcp_sock_connect() (bsc#1178181)..
- cve-2020-25672: fixed nfc memory leak in llcp_sock_connect() (bsc#1178181)..
- cve-2020-25671: fixed nfc refcount leak in llcp_sock_connect() (bsc#1178181)..
- cve-2020-25670: fixed nfc refcount leak in llcp_sock_bind() (bsc#1178181)..
- cve-2021-28950: fixed an issue in fs/fuse/fuse_i.h where a "stall on cpu" could have occured because a retry loop continually finds the same bad inode (bnc#1184194, bnc#1184211)..
- cve-2020-36322: fixed an issue inside the fuse filesystem implementation where fuse_do_getattr() calls make_bad_inode() in inappropriate situations, could have caused a system crash..
Note: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as cve-2021-28950 (bnc#1184211)..
- cve-2021-30002: fixed a memory leak issue when a webcam device exists (bnc#1184120)..
- cve-2021-3483: fixed a use-after-free bug in nosy_ioctl() (bsc#1184393)..
- cve-2021-20219: fixed a denial of service vulnerability in drivers/tty/n_tty.c of the linux kernel..
In this flaw a local attacker with a normal user privilege could have delayed the loop and cause a threat to the system availability (bnc#1184397)..
- cve-2021-29265: fixed an issue in usbip_sockfd_store in drivers/usb/usbip/stub_dev.c that allowed attackers to cause a denial of service (gpf) because the stub-up sequence has race conditions during an update of the local and shared status (bnc#1184167)..
- cve-2021-29264: fixed an issue in drivers/net/ethernet/freescale/gianfar.c in the freescale gianfar ethernet driver that allowed attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and napi is enabled (bnc#1184168)..
- cve-2021-28972: fixed an issue in drivers/pci/hotplug/rpadlpar_sysfs.c where the rpa pci hotplug driver had a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly..
This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination (bnc#1184198)..
- cve-2021-28660: fixed rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c that allowed writing beyond the end of the ssid array (bnc#1183593)..
- cve-2020-0433: fixed blk_mq_queue_tag_busy_iter of blk-mq-tag.c, where a possible use after free due to improper locking could have happened..
this could have led to local escalation of privilege with no additional execution privileges needed..
User interaction is not needed for exploitation (bnc#1176720)..
- cve-2021-28038: fixed an issue with xen pv..
.

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Successful exploitation allows attacker to compromise the system.