Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-13861

kernel update [SLES12 SP5 4.12.14-122.29.1]

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Won't Fix
    • Minor
    • None
    • None
    • None
    • 9223372036854775807

    Description

      The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.

      The following security bugs were fixed:

      • CVE-2020-14331: A buffer over write in vgacon_scroll was fixed
        (bnc#1174205).
      • CVE-2020-10135: Legacy pairing and secure-connections pairing
        authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier
        may have allowed an unauthenticated user to complete authentication
        without pairing credentials via adjacent access. An unauthenticated,
        adjacent attacker could impersonate a Bluetooth BR/EDR master or slave
        to pair with a previously paired remote device to successfully complete
        the authentication procedure without knowing the link key (bnc#1171988).
      • CVE-2020-0305: In cdev_get of char_dev.c, there is a possible
        use-after-free due to a race condition. This could lead to local
        escalation of privilege with System execution privileges needed. User
        interaction is not needed for exploitation (bnc#1174462).
      • CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c
        where incorrect access permissions for the efivar_ssdt ACPI variable
        could be used by attackers to bypass lockdown or secure boot
        restrictions, aka CID-1957a85b0032 (bnc#1173567).
      • CVE-2020-10781: zram sysfs resource consumption was fixed (bnc#1173074).
      • CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c
        where injection of malicious ACPI tables via configfs could be used by
        attackers to bypass lockdown and secure boot restrictions, aka
        CID-75b0cea7bf30 (bnc#1173573).
      • CVE-2020-15393: usbtest_disconnect in drivers/usb/misc/usbtest.c had a
        memory leak, aka CID-28ebeb8db770 (bnc#1173514).
      • CVE-2020-12771: btree_gc_coalesce in drivers/md/bcache/btree.c had a
        deadlock if a coalescing operation fails (bnc#1171732).
      • CVE-2019-16746: net/wireless/nl80211.c did not check the length of
        variable elements in a beacon head, leading to a buffer overflow
        (bnc#1152107).
      • CVE-2020-12888: The VFIO PCI driver mishandled attempts to access
        disabled memory space (bnc#1171868).
      • CVE-2020-10769: A buffer over-read flaw was found in
        crypto_authenc_extractkeys in crypto/authenc.c in the IPsec
        Cryptographic algorithm's module, authenc. When a payload longer than 4
        bytes, and is not following 4-byte alignment boundary guidelines, it
        causes a buffer over-read threat, leading to a system crash. This flaw
        allowed a local attacker with user privileges to cause a denial of
        service (bnc#1173265).
      • CVE-2020-10773: A kernel stack information leak on s390/s390x was fixed
        (bnc#1172999).
      • CVE-2020-14416: A race condition in tty->disc_data handling in the slip
        and slcan line discipline could lead to a use-after-free, aka
        CID-0ace17d56824. This affects drivers/net/slip/slip.c and
        drivers/net/can/slcan.c (bnc#1162002).

      The following non-security bugs were fixed:
      https://lists.suse.com/pipermail/sle-security-updates/2020-August/007225.html

      Attachments

        Issue Links

          Activity

            People

              yujian Jian Yu
              yujian Jian Yu
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: