[LU-13964] kernel update [SLES12 SP5 4.12.14-122.37.1] Created: 14/Sep/20  Updated: 14/Oct/20  Resolved: 14/Oct/20

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Minor
Reporter: Jian Yu Assignee: Jian Yu
Resolution: Won't Fix Votes: 0
Labels: None

Issue Links:
Related
is related to LU-13861 kernel update [SLES12 SP5 4.12.14-122... Resolved
is related to LU-14030 kernel update [SLES12 SP5 4.12.14-122... Resolved
Rank (Obsolete): 9223372036854775807

 Description   

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-1749: Use ip6_dst_lookup_flow instead of ip6_dst_lookup
    (bsc#1165629).
  • CVE-2020-14314: Fixed a potential negative array index in do_split()
    (bsc#1173798).
  • CVE-2020-14356: Fixed a null pointer dereference in cgroupv2 subsystem
    which could have led to privilege escalation (bsc#1175213).
  • CVE-2020-14331: Fixed a missing check in vgacon scrollback handling
    (bsc#1174205).
  • CVE-2020-16166: Fixed a potential issue which could have allowed remote
    attackers to make observations that help to obtain sensitive information
    about the internal state of the network RNG (bsc#1174757).
  • CVE-2020-24394: Fixed an issue which could set incorrect permissions on
    new filesystem objects when the filesystem lacks ACL support
    (bsc#1175518).
  • CVE-2020-14386: Fixed a potential local privilege escalation via memory
    corruption (bsc#1176069).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2020-September/007382.html

 Comments   
Comment by Jian Yu [ 14/Oct/20 ]

A new version is available: LU-14030

Generated at Sat Feb 10 03:05:42 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.