Bug 1188445 - (CVE-2021-21781) VUL-0: CVE-2021-21781: kernel-source,kernel-source-rt,kernel-source-azure: kernel: arm: SIGPAGE information disclosure vulnerability
(CVE-2021-21781)
VUL-0: CVE-2021-21781: kernel-source,kernel-source-rt,kernel-source-azure: ke...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/304006/
CVSSv3.1:SUSE:CVE-2021-21781:4.0:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-07-19 09:53 UTC by Marcus Meissner
Modified: 2022-07-21 20:03 UTC (History)
8 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2021-07-19 09:53:11 UTC
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11.

Reference:
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1981950
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-21781
Comment 1 Marcus Meissner 2021-07-19 11:14:45 UTC
seems to be this one:

commit 9c698bff66ab4914bb3d71da7dc6112519bde23e
Author: Russell King <rmk+kernel@armlinux.org.uk>
Date:   Fri Jan 29 10:19:07 2021 +0000

    ARM: ensure the signal page contains defined contents
    
    Ensure that the signal page contains our poison instruction to increase
    the protection against ROP attacks and also contains well defined
    contents.
    
    Acked-by: Will Deacon <will@kernel.org>
    Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Comment 2 Marcus Meissner 2021-07-19 11:15:08 UTC
this is only arm32 bit, so affects only openSUSE Leap 15.2 and 15.3 at this time.
Comment 4 OBSbugzilla Bot 2021-07-21 11:12:25 UTC
This is an autogenerated message for OBS integration:
This bug (1188445) was mentioned in
https://build.opensuse.org/request/show/907471 15.2 / kernel-source
Comment 5 Matthias Brugger 2021-07-21 12:53:53 UTC
As SLE15-SP2 merges into SLE15-SP3 we should be fine now.
Comment 6 Takashi Iwai 2021-07-21 13:09:02 UTC
(In reply to Matthias Brugger from comment #5)
> As SLE15-SP2 merges into SLE15-SP3 we should be fine now.

You seem to have forgotten to update CVE number in the patch References tag.
Comment 7 Matthias Brugger 2021-07-21 13:16:16 UTC
(In reply to Takashi Iwai from comment #6)
> (In reply to Matthias Brugger from comment #5)
> > As SLE15-SP2 merges into SLE15-SP3 we should be fine now.
> 
> You seem to have forgotten to update CVE number in the patch References tag.

Thanks for noting, just refreshed the patch.
Comment 8 Swamp Workflow Management 2021-07-22 10:23:50 UTC
openSUSE-SU-2021:1076-1: An update that solves 5 vulnerabilities and has 24 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1152472,1152489,1155518,1170511,1176940,1179243,1180092,1183871,1184114,1184804,1185308,1185791,1186206,1187215,1187585,1188036,1188062,1188080,1188116,1188121,1188176,1188267,1188268,1188269,1188405,1188445
CVE References: CVE-2021-22555,CVE-2021-33909,CVE-2021-35039,CVE-2021-3609,CVE-2021-3612
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    kernel-debug-5.3.18-lp152.84.1, kernel-default-5.3.18-lp152.84.1, kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1, kernel-docs-5.3.18-lp152.84.1, kernel-kvmsmall-5.3.18-lp152.84.1, kernel-obs-build-5.3.18-lp152.84.1, kernel-obs-qa-5.3.18-lp152.84.1, kernel-preempt-5.3.18-lp152.84.1, kernel-source-5.3.18-lp152.84.1, kernel-syms-5.3.18-lp152.84.1
Comment 16 OBSbugzilla Bot 2021-08-09 21:31:51 UTC
This is an autogenerated message for OBS integration:
This bug (1188445) was mentioned in
https://build.opensuse.org/request/show/911105 15.2 / kernel-source
Comment 17 Swamp Workflow Management 2021-08-10 13:22:40 UTC
openSUSE-SU-2021:2645-1: An update that solves 7 vulnerabilities and has 58 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1113295,1152472,1152489,1153274,1154353,1155518,1156395,1170511,1176447,1176940,1179243,1180092,1180814,1183871,1184114,1184350,1184631,1184804,1185308,1185377,1185791,1186194,1186206,1186482,1186483,1187215,1187476,1187495,1187585,1188036,1188080,1188101,1188121,1188126,1188176,1188267,1188268,1188269,1188323,1188366,1188405,1188445,1188504,1188620,1188683,1188703,1188720,1188746,1188747,1188748,1188752,1188770,1188771,1188772,1188773,1188774,1188777,1188838,1188876,1188885,1188893,1188973
CVE References: CVE-2021-21781,CVE-2021-22543,CVE-2021-35039,CVE-2021-3609,CVE-2021-3612,CVE-2021-3659,CVE-2021-37576
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-38.17.1, kernel-source-azure-5.3.18-38.17.1, kernel-syms-azure-5.3.18-38.17.1
Comment 18 Swamp Workflow Management 2021-08-10 13:31:34 UTC
SUSE-SU-2021:2645-1: An update that solves 7 vulnerabilities and has 58 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1113295,1152472,1152489,1153274,1154353,1155518,1156395,1170511,1176447,1176940,1179243,1180092,1180814,1183871,1184114,1184350,1184631,1184804,1185308,1185377,1185791,1186194,1186206,1186482,1186483,1187215,1187476,1187495,1187585,1188036,1188080,1188101,1188121,1188126,1188176,1188267,1188268,1188269,1188323,1188366,1188405,1188445,1188504,1188620,1188683,1188703,1188720,1188746,1188747,1188748,1188752,1188770,1188771,1188772,1188773,1188774,1188777,1188838,1188876,1188885,1188893,1188973
CVE References: CVE-2021-21781,CVE-2021-22543,CVE-2021-35039,CVE-2021-3609,CVE-2021-3612,CVE-2021-3659,CVE-2021-37576
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-38.17.1, kernel-source-azure-5.3.18-38.17.1, kernel-syms-azure-5.3.18-38.17.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 19 Swamp Workflow Management 2021-08-10 13:38:08 UTC
SUSE-SU-2021:2646-1: An update that solves four vulnerabilities and has 38 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1113295,1153274,1154353,1155518,1156395,1176940,1179243,1180092,1183871,1184114,1184350,1184631,1184804,1185377,1185902,1186194,1186206,1186482,1186483,1187476,1188101,1188405,1188445,1188504,1188620,1188683,1188746,1188747,1188748,1188770,1188771,1188772,1188773,1188774,1188777,1188838,1188876,1188885,1188973
CVE References: CVE-2021-21781,CVE-2021-22543,CVE-2021-3659,CVE-2021-37576
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src):    kernel-azure-5.3.18-18.61.1, kernel-source-azure-5.3.18-18.61.1, kernel-syms-azure-5.3.18-18.61.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 20 Swamp Workflow Management 2021-08-10 22:22:21 UTC
openSUSE-SU-2021:1142-1: An update that solves 5 vulnerabilities and has 46 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1113295,1153274,1154353,1156395,1179243,1183871,1184114,1184350,1184631,1185377,1185902,1186194,1186264,1186482,1187476,1188101,1188405,1188445,1188504,1188620,1188683,1188746,1188747,1188748,1188770,1188771,1188772,1188773,1188774,1188777,1188780,1188781,1188782,1188783,1188784,1188786,1188787,1188788,1188790,1188838,1188842,1188876,1188885,1188973,1189021,1189057,1189077,802154
CVE References: CVE-2021-21781,CVE-2021-22543,CVE-2021-3659,CVE-2021-3679,CVE-2021-37576
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    kernel-debug-5.3.18-lp152.87.1, kernel-default-5.3.18-lp152.87.1, kernel-default-base-5.3.18-lp152.87.1.lp152.8.40.1, kernel-docs-5.3.18-lp152.87.1, kernel-kvmsmall-5.3.18-lp152.87.1, kernel-obs-build-5.3.18-lp152.87.1, kernel-obs-qa-5.3.18-lp152.87.1, kernel-preempt-5.3.18-lp152.87.1, kernel-source-5.3.18-lp152.87.1, kernel-syms-5.3.18-lp152.87.1
Comment 21 Swamp Workflow Management 2021-08-12 16:22:12 UTC
SUSE-SU-2021:2678-1: An update that solves 5 vulnerabilities and has 36 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1113295,1153274,1154353,1156395,1176940,1179243,1183871,1184114,1184350,1184631,1185377,1186194,1186482,1186483,1187476,1188062,1188063,1188101,1188257,1188405,1188445,1188504,1188620,1188683,1188746,1188747,1188748,1188770,1188771,1188772,1188773,1188774,1188777,1188838,1188842,1188876,1188885,1188973
CVE References: CVE-2021-21781,CVE-2021-22543,CVE-2021-33909,CVE-2021-3659,CVE-2021-37576
JIRA References: 
Sources used:
SUSE MicroOS 5.0 (src):    kernel-rt-5.3.18-48.1
SUSE Linux Enterprise Module for Realtime 15-SP2 (src):    kernel-rt-5.3.18-48.1, kernel-rt_debug-5.3.18-48.1, kernel-source-rt-5.3.18-48.1, kernel-syms-rt-5.3.18-48.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 22 Swamp Workflow Management 2021-08-14 13:27:22 UTC
openSUSE-SU-2021:2687-1: An update that solves 7 vulnerabilities and has 58 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1113295,1152472,1152489,1153274,1154353,1155518,1156395,1170511,1176447,1176940,1179243,1180092,1180814,1183871,1184114,1184350,1184631,1184804,1185308,1185377,1185791,1186194,1186206,1186482,1186483,1187215,1187476,1187495,1187585,1188036,1188080,1188101,1188121,1188126,1188176,1188267,1188268,1188269,1188323,1188366,1188405,1188445,1188504,1188620,1188683,1188703,1188720,1188746,1188747,1188748,1188752,1188770,1188771,1188772,1188773,1188774,1188777,1188838,1188876,1188885,1188893,1188973
CVE References: CVE-2021-21781,CVE-2021-22543,CVE-2021-35039,CVE-2021-3609,CVE-2021-3612,CVE-2021-3659,CVE-2021-37576
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-59.19.1, kernel-64kb-5.3.18-59.19.1, kernel-debug-5.3.18-59.19.1, kernel-default-5.3.18-59.19.1, kernel-default-base-5.3.18-59.19.1.18.10.1, kernel-docs-5.3.18-59.19.1, kernel-kvmsmall-5.3.18-59.19.1, kernel-obs-build-5.3.18-59.19.1, kernel-obs-qa-5.3.18-59.19.1, kernel-preempt-5.3.18-59.19.1, kernel-source-5.3.18-59.19.1, kernel-syms-5.3.18-59.19.1, kernel-zfcpdump-5.3.18-59.19.1
Comment 23 Swamp Workflow Management 2021-08-14 13:36:31 UTC
SUSE-SU-2021:2687-1: An update that solves 7 vulnerabilities and has 58 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1113295,1152472,1152489,1153274,1154353,1155518,1156395,1170511,1176447,1176940,1179243,1180092,1180814,1183871,1184114,1184350,1184631,1184804,1185308,1185377,1185791,1186194,1186206,1186482,1186483,1187215,1187476,1187495,1187585,1188036,1188080,1188101,1188121,1188126,1188176,1188267,1188268,1188269,1188323,1188366,1188405,1188445,1188504,1188620,1188683,1188703,1188720,1188746,1188747,1188748,1188752,1188770,1188771,1188772,1188773,1188774,1188777,1188838,1188876,1188885,1188893,1188973
CVE References: CVE-2021-21781,CVE-2021-22543,CVE-2021-35039,CVE-2021-3609,CVE-2021-3612,CVE-2021-3659,CVE-2021-37576
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-59.19.1, kernel-preempt-5.3.18-59.19.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-59.19.1, kernel-livepatch-SLE15-SP3_Update_5-1-7.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-59.19.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-59.19.1, kernel-obs-build-5.3.18-59.19.1, kernel-preempt-5.3.18-59.19.1, kernel-source-5.3.18-59.19.1, kernel-syms-5.3.18-59.19.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-59.19.1, kernel-default-5.3.18-59.19.1, kernel-default-base-5.3.18-59.19.1.18.10.1, kernel-preempt-5.3.18-59.19.1, kernel-source-5.3.18-59.19.1, kernel-zfcpdump-5.3.18-59.19.1
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-59.19.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 24 Swamp Workflow Management 2021-08-17 16:23:04 UTC
SUSE-SU-2021:2756-1: An update that solves four vulnerabilities and has 37 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1113295,1153274,1154353,1155518,1156395,1176940,1179243,1180092,1183871,1184114,1184350,1184631,1184804,1185377,1186194,1186206,1186482,1186483,1187476,1188101,1188405,1188445,1188504,1188620,1188683,1188746,1188747,1188748,1188770,1188771,1188772,1188773,1188774,1188777,1188838,1188876,1188885,1188973
CVE References: CVE-2021-21781,CVE-2021-22543,CVE-2021-3659,CVE-2021-37576
JIRA References: 
Sources used:
SUSE MicroOS 5.0 (src):    kernel-default-5.3.18-24.78.1, kernel-default-base-5.3.18-24.78.1.9.36.1
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    kernel-default-5.3.18-24.78.1, kernel-preempt-5.3.18-24.78.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.78.1, kernel-livepatch-SLE15-SP2_Update_18-1-5.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src):    kernel-default-5.3.18-24.78.1
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    kernel-docs-5.3.18-24.78.1, kernel-obs-build-5.3.18-24.78.1, kernel-preempt-5.3.18-24.78.1, kernel-source-5.3.18-24.78.1, kernel-syms-5.3.18-24.78.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    kernel-default-5.3.18-24.78.1, kernel-default-base-5.3.18-24.78.1.9.36.1, kernel-preempt-5.3.18-24.78.1, kernel-source-5.3.18-24.78.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.78.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 Carlos López 2022-06-09 08:45:51 UTC
Done, closing.