Details
-
Improvement
-
Resolution: Won't Fix
-
Minor
-
None
-
None
-
None
-
9223372036854775807
Description
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c
which could have allowed local users to gain privileges or cause a
denial of service (bsc#1179141). - CVE-2020-15437: Fixed a null pointer dereference which could have
allowed local users to cause a denial of service(bsc#1179140). - CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op
(bsc#1178123). - CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit()
(bsc#1178182). - CVE-2020-25704: Fixed a leak in perf_event_parse_addr_filter()
(bsc#1178393). - CVE-2020-27777: Restrict RTAS requests from userspace (bsc#1179107)
- CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could
have been used by local attackers to read kernel memory (bsc#1178886). - CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could
have been used by local attackers to read privileged information or
potentially crash the kernel (bsc#1178589). - CVE-2020-29371: Fixed uninitialized memory leaks to userspace
(bsc#1179429). - CVE-2020-25705: Fixed an issue which could have allowed to quickly scan
open UDP ports. This flaw allowed an off-path remote user to effectively
bypassing source port UDP randomization (bsc#1175721).
The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2020-December/007942.html