vulnerability
SUSE: CVE-2018-25020: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | Dec 8, 2021 | Jan 14, 2022 | Feb 18, 2022 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Dec 8, 2021
Added
Jan 14, 2022
Modified
Feb 18, 2022
Description
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c.
Solution(s)
suse-upgrade-kernel-debug-basesuse-upgrade-kernel-defaultsuse-upgrade-kernel-default-extrasuse-upgrade-kernel-default-mansuse-upgrade-kernel-docssuse-upgrade-kernel-kvmsmall-basesuse-upgrade-kernel-obs-buildsuse-upgrade-kernel-vanillasuse-upgrade-kernel-vanilla-basesuse-upgrade-kernel-vanilla-develsuse-upgrade-kernel-vanilla-livepatch-develsuse-upgrade-kernel-zfcpdump-man
References
- SUSE-SUSE-SU-2022:0068-1
- SUSE-SUSE-SU-2022:0080-1
- SUSE-SUSE-SU-2022:0237-1
- SUSE-SUSE-SU-2022:0243-1
- SUSE-SUSE-SU-2022:0245-1
- SUSE-SUSE-SU-2022:0255-1
- SUSE-SUSE-SU-2022:0296-1
- SUSE-SUSE-SU-2022:0298-1
- SUSE-SUSE-SU-2022:0325-1
- SUSE-SUSE-SU-2022:0327-1
- SUSE-SUSE-SU-2022:0328-1
- SUSE-SUSE-SU-2022:0329-1
- SUSE-SUSE-SU-2022:0362-1
- SUSE-SUSE-SU-2022:0367-1
- SUSE-SUSE-SU-2022:0371-1
- SUSE-SUSE-SU-2022:0477-1
- NVD-CVE-2018-25020
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.