[#LU-13962] kernel update [SLES15 SP1 4.12.14-197.56.1]

[LU-13962] kernel update [SLES15 SP1 4.12.14-197.56.1] Created: 14/Sep/20 Updated: 14/Oct/20 Resolved: 14/Oct/20
Status:	Resolved
Project:	Lustre
Component/s:	None
Affects Version/s:	None
Fix Version/s:	None

Type:

Improvement

Priority:

Minor

Reporter:

Jian Yu

Assignee:

Jian Yu

Resolution:

Won't Fix

Votes:

Labels:

None

Issue Links:

Rank (Obsolete):

9223372036854775807

Description

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2020-1749: Use ip6_dst_lookup_flow instead of ip6_dst_lookup
(bsc#1165629).
CVE-2020-14314: Fixed a potential negative array index in do_split()
(bsc#1173798).
CVE-2020-14356: Fixed a null pointer dereference in cgroupv2 subsystem
which could have led to privilege escalation (bsc#1175213).
CVE-2020-14331: Fixed a missing check in vgacon scrollback handling
(bsc#1174205).
CVE-2020-16166: Fixed a potential issue which could have allowed remote
attackers to make observations that help to obtain sensitive information
about the internal state of the network RNG (bsc#1174757).
CVE-2020-24394: Fixed an issue which could set incorrect permissions on
new filesystem objects when the filesystem lacks ACL support
(bsc#1175518).
CVE-2020-10135: Legacy pairing and secure-connections pairing
authentication Bluetooth might have allowed an unauthenticated user to
complete authentication without pairing credentials via adjacent access
(bsc#1171988).
CVE-2020-14386: Fixed a potential local privilege escalation via memory
corruption (bsc#1176069).

Comments

Comment by Jian Yu [ 14/Oct/20 ]

A new version is available: ~~LU-14028~~

Generated at Sat Feb 10 03:05:41 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.