Details
-
Improvement
-
Resolution: Fixed
-
Minor
-
None
-
None
-
9223372036854775807
Description
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c
which could have allowed local users to gain privileges or cause a
denial of service (bsc#1179141). - CVE-2020-15437: Fixed a null pointer dereference which could have
allowed local users to cause a denial of service(bsc#1179140). - CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit()
(bsc#1178182). - CVE-2020-27777: Restrict RTAS requests from userspace (bsc#1179107).
- CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could
have been used by local attackers to read kernel memory (bsc#1178886). - CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could
have been used by local attackers to read privileged information or
potentially crash the kernel (bsc#1178589). - CVE-2020-29371: Fixed uninitialized memory leaks to userspace
(bsc#1179429).
The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2020-December/007943.html