Bug 1189393 - (CVE-2021-38209) VUL-0: CVE-2021-38209: kernel-source,kernel-source-rt,kernel-source-azure: kernel: net/netfilter/nf_conntrack_standalone.c allows observation of changes in any net namespace because these changes are leaked into all other net namespaces
(CVE-2021-38209)
VUL-0: CVE-2021-38209: kernel-source,kernel-source-rt,kernel-source-azure: ke...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/306036/
CVSSv3.1:SUSE:CVE-2021-38209:3.3:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-08-12 13:04 UTC by Gianluca Gabrielli
Modified: 2022-07-21 20:08 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Gianluca Gabrielli 2021-08-12 13:04:24 UTC
net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls.

Reference and upstream patch:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2671fa4dc0109d3fb581bc3078fdf17b5d9080f6

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1992815
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-38209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38209
https://github.com/torvalds/linux/commit/2671fa4dc0109d3fb581bc3078fdf17b5d9080f6
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.2
Comment 1 Gianluca Gabrielli 2021-08-12 13:05:46 UTC
Affected branch:
 - SLE15-SP2

Already patched branches:
 - SLE15-SP3
 - master
 - stable

Fix commit ID: 2671fa4dc0109d3fb581bc3078fdf17b5d9080f6
Comment 2 Takashi Iwai 2021-08-12 13:22:06 UTC
Judging from the fix commit, it looks like that the bug was introduced by the commit d0febd81ae77, which is in 5.7 kernel.  And this seems to be backported only in SLE15-SP3, so SLE15-SP2 should be unaffected.

I'm going to update the patch reference in SLE15-SP3.
Comment 3 Takashi Iwai 2021-08-13 07:59:02 UTC
The patch reference update on SLE15-SP3 was pushed to my for-next branch.

Reassigned back to security team.
Comment 19 Swamp Workflow Management 2021-09-21 20:12:59 UTC
# maintenance_jira_update_notice
openSUSE-SU-2021:3179-1: An update that solves 20 vulnerabilities and has 107 fixes is now available.

Category: security (important)
Bug References: 1040364,1127650,1135481,1152489,1160010,1168202,1171420,1174969,1175052,1175543,1177399,1180100,1180141,1180347,1181006,1181148,1181972,1184180,1185902,1186264,1186731,1187211,1187455,1187468,1187483,1187619,1187959,1188067,1188172,1188231,1188270,1188412,1188418,1188616,1188700,1188780,1188781,1188782,1188783,1188784,1188786,1188787,1188788,1188790,1188878,1188885,1188924,1188982,1188983,1188985,1189021,1189057,1189077,1189153,1189197,1189209,1189210,1189212,1189213,1189214,1189215,1189216,1189217,1189218,1189219,1189220,1189221,1189222,1189225,1189229,1189233,1189262,1189291,1189292,1189296,1189298,1189301,1189305,1189323,1189384,1189385,1189392,1189393,1189399,1189400,1189427,1189503,1189504,1189505,1189506,1189507,1189562,1189563,1189564,1189565,1189566,1189567,1189568,1189569,1189573,1189574,1189575,1189576,1189577,1189579,1189581,1189582,1189583,1189585,1189586,1189587,1189696,1189706,1189760,1189762,1189832,1189841,1189870,1189872,1189883,1190022,1190025,1190115,1190117,1190412,1190413,1190428
CVE References: CVE-2020-12770,CVE-2021-34556,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3656,CVE-2021-3679,CVE-2021-3732,CVE-2021-3739,CVE-2021-3743,CVE-2021-3753,CVE-2021-3759,CVE-2021-38160,CVE-2021-38166,CVE-2021-38198,CVE-2021-38204,CVE-2021-38205,CVE-2021-38206,CVE-2021-38207,CVE-2021-38209
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-38.22.2, kernel-source-azure-5.3.18-38.22.1, kernel-syms-azure-5.3.18-38.22.1
Comment 20 Swamp Workflow Management 2021-09-21 20:37:11 UTC
# maintenance_jira_update_notice
SUSE-SU-2021:3179-1: An update that solves 20 vulnerabilities and has 107 fixes is now available.

Category: security (important)
Bug References: 1040364,1127650,1135481,1152489,1160010,1168202,1171420,1174969,1175052,1175543,1177399,1180100,1180141,1180347,1181006,1181148,1181972,1184180,1185902,1186264,1186731,1187211,1187455,1187468,1187483,1187619,1187959,1188067,1188172,1188231,1188270,1188412,1188418,1188616,1188700,1188780,1188781,1188782,1188783,1188784,1188786,1188787,1188788,1188790,1188878,1188885,1188924,1188982,1188983,1188985,1189021,1189057,1189077,1189153,1189197,1189209,1189210,1189212,1189213,1189214,1189215,1189216,1189217,1189218,1189219,1189220,1189221,1189222,1189225,1189229,1189233,1189262,1189291,1189292,1189296,1189298,1189301,1189305,1189323,1189384,1189385,1189392,1189393,1189399,1189400,1189427,1189503,1189504,1189505,1189506,1189507,1189562,1189563,1189564,1189565,1189566,1189567,1189568,1189569,1189573,1189574,1189575,1189576,1189577,1189579,1189581,1189582,1189583,1189585,1189586,1189587,1189696,1189706,1189760,1189762,1189832,1189841,1189870,1189872,1189883,1190022,1190025,1190115,1190117,1190412,1190413,1190428
CVE References: CVE-2020-12770,CVE-2021-34556,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3656,CVE-2021-3679,CVE-2021-3732,CVE-2021-3739,CVE-2021-3743,CVE-2021-3753,CVE-2021-3759,CVE-2021-38160,CVE-2021-38166,CVE-2021-38198,CVE-2021-38204,CVE-2021-38205,CVE-2021-38206,CVE-2021-38207,CVE-2021-38209
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-38.22.2, kernel-source-azure-5.3.18-38.22.1, kernel-syms-azure-5.3.18-38.22.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 22 Swamp Workflow Management 2021-09-23 19:53:32 UTC
SUSE-SU-2021:3205-1: An update that solves 20 vulnerabilities and has 106 fixes is now available.

Category: security (important)
Bug References: 1040364,1127650,1135481,1152489,1160010,1168202,1171420,1174969,1175052,1175543,1177399,1180100,1180141,1180347,1181006,1181148,1181972,1184180,1185902,1186264,1186731,1187211,1187455,1187468,1187483,1187619,1187959,1188067,1188172,1188231,1188270,1188412,1188418,1188616,1188700,1188780,1188781,1188782,1188783,1188784,1188786,1188787,1188788,1188790,1188878,1188885,1188924,1188982,1188983,1188985,1189021,1189057,1189077,1189153,1189197,1189209,1189210,1189212,1189213,1189214,1189215,1189216,1189217,1189218,1189219,1189220,1189221,1189222,1189225,1189229,1189233,1189262,1189291,1189292,1189296,1189298,1189301,1189305,1189323,1189384,1189385,1189392,1189393,1189399,1189400,1189427,1189503,1189504,1189505,1189506,1189507,1189562,1189563,1189564,1189565,1189566,1189567,1189568,1189569,1189573,1189574,1189575,1189576,1189577,1189579,1189581,1189582,1189583,1189585,1189586,1189587,1189706,1189760,1189762,1189832,1189841,1189870,1189872,1189883,1190022,1190025,1190115,1190117,1190412,1190413,1190428
CVE References: CVE-2020-12770,CVE-2021-34556,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3656,CVE-2021-3679,CVE-2021-3732,CVE-2021-3739,CVE-2021-3743,CVE-2021-3753,CVE-2021-3759,CVE-2021-38160,CVE-2021-38166,CVE-2021-38198,CVE-2021-38204,CVE-2021-38205,CVE-2021-38206,CVE-2021-38207,CVE-2021-38209
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-59.24.1, kernel-preempt-5.3.18-59.24.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-59.24.1, kernel-livepatch-SLE15-SP3_Update_6-1-7.5.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-59.24.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-59.24.1, kernel-obs-build-5.3.18-59.24.1, kernel-preempt-5.3.18-59.24.1, kernel-source-5.3.18-59.24.1, kernel-syms-5.3.18-59.24.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-59.24.1, kernel-default-5.3.18-59.24.1, kernel-default-base-5.3.18-59.24.1.18.12.1, kernel-preempt-5.3.18-59.24.1, kernel-source-5.3.18-59.24.1, kernel-zfcpdump-5.3.18-59.24.1
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-59.24.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 23 Swamp Workflow Management 2021-09-23 20:12:40 UTC
openSUSE-SU-2021:3205-1: An update that solves 20 vulnerabilities and has 106 fixes is now available.

Category: security (important)
Bug References: 1040364,1127650,1135481,1152489,1160010,1168202,1171420,1174969,1175052,1175543,1177399,1180100,1180141,1180347,1181006,1181148,1181972,1184180,1185902,1186264,1186731,1187211,1187455,1187468,1187483,1187619,1187959,1188067,1188172,1188231,1188270,1188412,1188418,1188616,1188700,1188780,1188781,1188782,1188783,1188784,1188786,1188787,1188788,1188790,1188878,1188885,1188924,1188982,1188983,1188985,1189021,1189057,1189077,1189153,1189197,1189209,1189210,1189212,1189213,1189214,1189215,1189216,1189217,1189218,1189219,1189220,1189221,1189222,1189225,1189229,1189233,1189262,1189291,1189292,1189296,1189298,1189301,1189305,1189323,1189384,1189385,1189392,1189393,1189399,1189400,1189427,1189503,1189504,1189505,1189506,1189507,1189562,1189563,1189564,1189565,1189566,1189567,1189568,1189569,1189573,1189574,1189575,1189576,1189577,1189579,1189581,1189582,1189583,1189585,1189586,1189587,1189706,1189760,1189762,1189832,1189841,1189870,1189872,1189883,1190022,1190025,1190115,1190117,1190412,1190413,1190428
CVE References: CVE-2020-12770,CVE-2021-34556,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3656,CVE-2021-3679,CVE-2021-3732,CVE-2021-3739,CVE-2021-3743,CVE-2021-3753,CVE-2021-3759,CVE-2021-38160,CVE-2021-38166,CVE-2021-38198,CVE-2021-38204,CVE-2021-38205,CVE-2021-38206,CVE-2021-38207,CVE-2021-38209
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-59.24.1, kernel-64kb-5.3.18-59.24.1, kernel-debug-5.3.18-59.24.1, kernel-default-5.3.18-59.24.1, kernel-default-base-5.3.18-59.24.1.18.12.1, kernel-docs-5.3.18-59.24.1, kernel-kvmsmall-5.3.18-59.24.1, kernel-obs-build-5.3.18-59.24.1, kernel-obs-qa-5.3.18-59.24.1, kernel-preempt-5.3.18-59.24.1, kernel-source-5.3.18-59.24.1, kernel-syms-5.3.18-59.24.1, kernel-zfcpdump-5.3.18-59.24.1
Comment 24 Swamp Workflow Management 2021-10-13 13:33:37 UTC
SUSE-SU-2021:3205-2: An update that solves 20 vulnerabilities and has 106 fixes is now available.

Category: security (important)
Bug References: 1040364,1127650,1135481,1152489,1160010,1168202,1171420,1174969,1175052,1175543,1177399,1180100,1180141,1180347,1181006,1181148,1181972,1184180,1185902,1186264,1186731,1187211,1187455,1187468,1187483,1187619,1187959,1188067,1188172,1188231,1188270,1188412,1188418,1188616,1188700,1188780,1188781,1188782,1188783,1188784,1188786,1188787,1188788,1188790,1188878,1188885,1188924,1188982,1188983,1188985,1189021,1189057,1189077,1189153,1189197,1189209,1189210,1189212,1189213,1189214,1189215,1189216,1189217,1189218,1189219,1189220,1189221,1189222,1189225,1189229,1189233,1189262,1189291,1189292,1189296,1189298,1189301,1189305,1189323,1189384,1189385,1189392,1189393,1189399,1189400,1189427,1189503,1189504,1189505,1189506,1189507,1189562,1189563,1189564,1189565,1189566,1189567,1189568,1189569,1189573,1189574,1189575,1189576,1189577,1189579,1189581,1189582,1189583,1189585,1189586,1189587,1189706,1189760,1189762,1189832,1189841,1189870,1189872,1189883,1190022,1190025,1190115,1190117,1190412,1190413,1190428
CVE References: CVE-2020-12770,CVE-2021-34556,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3656,CVE-2021-3679,CVE-2021-3732,CVE-2021-3739,CVE-2021-3743,CVE-2021-3753,CVE-2021-3759,CVE-2021-38160,CVE-2021-38166,CVE-2021-38198,CVE-2021-38204,CVE-2021-38205,CVE-2021-38206,CVE-2021-38207,CVE-2021-38209
JIRA References: 
Sources used:
SUSE MicroOS 5.1 (src):    kernel-default-5.3.18-59.24.1, kernel-default-base-5.3.18-59.24.1.18.12.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 Gabriele Sonnu 2022-04-07 15:29:49 UTC
Done.