Details
-
Improvement
-
Resolution: Won't Fix
-
Minor
-
None
-
None
-
None
-
9223372036854775807
Description
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-15780: A lockdown bypass for loading unsigned modules using
ACPI table injection was fixed. (bsc#1173573) - CVE-2020-15393: Fixed a memory leak in usbtest_disconnect (bnc#1173514).
- CVE-2020-12771: An issue was discovered in btree_gc_coalesce in
drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails
(bnc#1171732). - CVE-2020-12888: The VFIO PCI driver mishandled attempts to access
disabled memory space (bnc#1171868). - CVE-2020-10773: Fixed a memory leak on s390/s390x, in the
cmm_timeout_hander in file arch/s390/mm/cmm.c (bnc#1172999). - CVE-2020-14416: Fixed a race condition in tty->disc_data handling in the
slip and slcan line discipline could lead to a use-after-free. This
affects drivers/net/slip/slip.c and drivers/net/can/slcan.c
(bnc#1162002). - CVE-2020-10768: Fixed an issue with the prctl() function, where indirect
branch speculation could be enabled even though it was diabled before
(bnc#1172783). - CVE-2020-10766: Fixed an issue which allowed an attacker with a local
account to disable SSBD protection (bnc#1172781). - CVE-2020-10767: Fixed an issue where Indirect Branch Prediction Barrier
was disabled in certain circumstances, leaving the system open to a
spectre v2 style attack (bnc#1172782). - CVE-2020-13974: Fixed a integer overflow in drivers/tty/vt/keyboard.c,
if k_ascii is called several times in a row (bnc#1172775). - CVE-2020-0305: Fixed a possible use-after-free due to a race condition
incdev_get of char_dev.c. This could lead to local escalation of
privilege. User interaction is not needed for exploitation (bnc#1174462). - CVE-2020-10769: A buffer over-read flaw was found in
crypto_authenc_extractkeys in crypto/authenc.c in the IPsec
Cryptographic algorithm's module, authenc. This flaw allowed a local
attacker with user privileges to cause a denial of service (bnc#1173265). - CVE-2020-10781: Fixed a denial of service issue in the ZRAM
implementation (bnc#1173074). - CVE-2019-20908: Fixed incorrect access permissions for the efivar_ssdt
ACPI variable, which could be used by attackers to bypass lockdown or
secure boot restrictions (bnc#1173567). - CVE-2019-20810: Fixed a memory leak in go7007_snd_init in
drivers/media/usb/go7007/snd-go7007.c because it did not call
snd_card_free for a failure path (bnc#1172458). - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c,
related to invalid length checks for variable elements in a beacon head
(bnc#1152107).
The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2020-August/007216.html