[#LU-14078] kernel update [SLES15 SP2 5.3.18-24.29.2]

[LU-14078] kernel update [SLES15 SP2 5.3.18-24.29.2] Created: 26/Oct/20 Updated: 07/Nov/20 Resolved: 07/Nov/20
Status:	Resolved
Project:	Lustre
Component/s:	None
Affects Version/s:	None
Fix Version/s:	None

Type:

Improvement

Priority:

Minor

Reporter:

Jian Yu

Assignee:

Jian Yu

Resolution:

Won't Fix

Votes:

Labels:

None

Issue Links:

Rank (Obsolete):

9223372036854775807

Description

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

CVE-2020-12351: Fixed a type confusion while processing AMP packets aka
"BleedingTooth" aka "BadKarma" (bsc#1177724).
CVE-2020-24490: Fixed a heap buffer overflow when processing extended
advertising report events aka "BleedingTooth" aka "BadVibes"
(bsc#1177726).
CVE-2020-12352: Fixed an information leak when processing certain AMP
packets aka "BleedingTooth" aka "BadChoice" (bsc#1177725).
CVE-2020-25641: Fixed a zero-length biovec request issued by the block
subsystem could have caused the kernel to enter an infinite loop,
causing a denial of service (bsc#1177121).
CVE-2020-25643: Fixed a memory corruption and a read overflow which
could have caused by improper input validation in the ppp_cp_parse_cr
function (bsc#1177206).
CVE-2020-25645: Fixed an issue which traffic between two Geneve
endpoints may be unencrypted when IPsec is configured to encrypt traffic
for the specific UDP port used by the GENEVE tunnel allowing anyone
between the two endpoints to read the traffic unencrypted (bsc#1177511).

Comments

Comment by Jian Yu [ 07/Nov/20 ]

A new version is in ~~LU-14127~~

Generated at Sat Feb 10 03:06:39 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.