[LU-13861] kernel update [SLES12 SP5 4.12.14-122.29.1] Created: 05/Aug/20  Updated: 14/Sep/20  Resolved: 14/Sep/20

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement
Priority: Minor
Reporter: Jian Yu
Assignee: Jian Yu
Resolution: Won't Fix
Votes: 0
Labels: None

Issue Links:
Related
is related to LU-13741 kernel update [SLES12 SP5 4.12.14-122... Resolved
is related to LU-13964 kernel update [SLES12 SP5 4.12.14-122... Resolved

 Description   

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security fixes and bug fixes.

The following security bugs were fixed:

  • CVE-2020-14331: A buffer overwrite in vgacon_scroll was fixed
    (bnc#1174205).
  • CVE-2020-10135: Legacy pairing and secure-connections pairing
    authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier
    may have allowed an unauthenticated user to complete authentication
    without pairing credentials via adjacent access. An unauthenticated,
    adjacent attacker could impersonate a Bluetooth BR/EDR master or slave
    to pair with a previously paired remote device to successfully complete
    the authentication procedure without knowing the link key (bnc#1171988).
  • CVE-2020-0305: In cdev_get of char_dev.c, there is a possible
    use-after-free due to a race condition. This could lead to local
    escalation of privilege with System execution privileges needed. User
    interaction is not needed for exploitation (bnc#1174462).
  • CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c
    where incorrect access permissions for the efivar_ssdt ACPI variable
    could be used by attackers to bypass lockdown or secure boot
    restrictions, aka CID-1957a85b0032 (bnc#1173567).
  • CVE-2020-10781: zram sysfs resource consumption was fixed (bnc#1173074).
  • CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c
    where injection of malicious ACPI tables via configfs could be used by
    attackers to bypass lockdown and secure boot restrictions, aka
    CID-75b0cea7bf30 (bnc#1173573).
  • CVE-2020-15393: usbtest_disconnect in drivers/usb/misc/usbtest.c had a
    memory leak, aka CID-28ebeb8db770 (bnc#1173514).
  • CVE-2020-12771: btree_gc_coalesce in drivers/md/bcache/btree.c had a
    deadlock if a coalescing operation fails (bnc#1171732).
  • CVE-2019-16746: net/wireless/nl80211.c did not check the length of
    variable elements in a beacon head, leading to a buffer overflow
    (bnc#1152107).
  • CVE-2020-12888: The VFIO PCI driver mishandled attempts to access
    disabled memory space (bnc#1171868).
  • CVE-2020-10769: A buffer over-read flaw was found in
    crypto_authenc_extractkeys in crypto/authenc.c in the IPsec
    Cryptographic algorithm's module, authenc. When a payload is longer
    than 4 bytes and does not follow 4-byte alignment boundary guidelines,
    it causes a buffer over-read threat, leading to a system crash. This
    flaw allowed a local attacker with user privileges to cause a denial of
    service (bnc#1173265).
  • CVE-2020-10773: A kernel stack information leak on s390/s390x was fixed
    (bnc#1172999).
  • CVE-2020-14416: A race condition in tty->disc_data handling in the slip
    and slcan line discipline could lead to a use-after-free, aka
    CID-0ace17d56824. This affects drivers/net/slip/slip.c and
    drivers/net/can/slcan.c (bnc#1162002).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2020-August/007225.html



 Comments   
Comment by Jian Yu [ 14/Sep/20 ]

A new version is available: LU-13964
