Details
-
Improvement
-
Resolution: Won't Fix
-
Minor
-
None
-
None
-
None
-
9223372036854775807
Description
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-10768: The prctl() function could be used to enable indirect
branch speculation even after it has been disabled. (bnc#1172783) - CVE-2020-10766: A bug in the logic handling could allow an attacker with
a local account to disable SSBD protection. (bnc#1172781) - CVE-2020-10767: A IBPB would be disabled when STIBP was not available or
when Enhanced Indirect Branch Restricted Speculation (IBRS) was
available. This is unexpected behaviour could leave the system open to a
spectre v2 style attack (bnc#1172782) - CVE-2020-13974: drivers/tty/vt/keyboard.c had an integer overflow if
k_ascii was called several times in a row (bnc#1172775) - CVE-2019-20810: go7007_snd_init did not call snd_card_free for a failure
path, which caused a memory leak (bnc#1172458)
The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2020-June/006990.html