Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-14218

kernel update [SLES15 SP1 4.12.14-197.75.1]

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Minor Minor
    • Lustre 2.14.0
    • None
    • None
    • 9223372036854775807

      The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various
      security and bugfixes.

      The following security bugs were fixed:

      • CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c
        which could have allowed local users to gain privileges or cause a
        denial of service (bsc#1179141).
      • CVE-2020-15437: Fixed a null pointer dereference which could have
        allowed local users to cause a denial of service(bsc#1179140).
      • CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit()
        (bsc#1178182).
      • CVE-2020-27777: Restrict RTAS requests from userspace (bsc#1179107).
      • CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could
        have been used by local attackers to read kernel memory (bsc#1178886).
      • CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could
        have been used by local attackers to read privileged information or
        potentially crash the kernel (bsc#1178589).
      • CVE-2020-29371: Fixed uninitialized memory leaks to userspace
        (bsc#1179429).

      The following non-security bugs were fixed:
      https://lists.suse.com/pipermail/sle-security-updates/2020-December/007943.html

            yujian Jian Yu
            yujian Jian Yu
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: