Details
-
Improvement
-
Resolution: Won't Fix
-
Minor
-
None
-
None
-
None
-
9223372036854775807
Description
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-1749: Use ip6_dst_lookup_flow instead of ip6_dst_lookup
(bsc#1165629). - CVE-2020-14314: Fixed a potential negative array index in do_split()
(bsc#1173798). - CVE-2020-14356: Fixed a null pointer dereference in cgroupv2 subsystem
which could have led to privilege escalation (bsc#1175213). - CVE-2020-14331: Fixed a missing check in vgacon scrollback handling
(bsc#1174205). - CVE-2020-16166: Fixed a potential issue which could have allowed remote
attackers to make observations that help to obtain sensitive information
about the internal state of the network RNG (bsc#1174757). - CVE-2020-24394: Fixed an issue which could set incorrect permissions on
new filesystem objects when the filesystem lacks ACL support
(bsc#1175518). - CVE-2020-10135: Legacy pairing and secure-connections pairing
authentication Bluetooth might have allowed an unauthenticated user to
complete authentication without pairing credentials via adjacent access
(bsc#1171988). - CVE-2020-14386: Fixed a potential local privilege escalation via memory
corruption (bsc#1176069).
The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2020-September/007388.html