Details
-
Improvement
-
Resolution: Won't Fix
-
Minor
-
None
-
None
-
None
-
9223372036854775807
Description
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2020-12351: Fixed a type confusion while processing AMP packets aka
"BleedingTooth" aka "BadKarma" (bsc#1177724). - CVE-2020-24490: Fixed a heap buffer overflow when processing extended
advertising report events aka "BleedingTooth" aka "BadVibes"
(bsc#1177726). - CVE-2020-12352: Fixed an information leak when processing certain AMP
packets aka "BleedingTooth" aka "BadChoice" (bsc#1177725). - CVE-2020-25641: Fixed a zero-length biovec request issued by the block
subsystem could have caused the kernel to enter an infinite loop,
causing a denial of service (bsc#1177121). - CVE-2020-25643: Fixed a memory corruption and a read overflow which
could have caused by improper input validation in the ppp_cp_parse_cr
function (bsc#1177206). - CVE-2020-25645: Fixed an issue which traffic between two Geneve
endpoints may be unencrypted when IPsec is configured to encrypt traffic
for the specific UDP port used by the GENEVE tunnel allowing anyone
between the two endpoints to read the traffic unencrypted (bsc#1177511).
The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2020-October/007603.html
A new version is in
LU-14127