SUSE-SU-2020:14442-1
Vulnerability Summary
Timeline
Description
Security update for the Linux Kernel The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-10773: Fixed a memory leak on s390/s390x, in the cmm_timeout_hander in file arch/s390/mm/cmm.c (bnc#1172999). - CVE-2020-14416: Fixed a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c (bnc#1162002). - CVE-2020-13974: Fixed a integer overflow in drivers/tty/vt/keyboard.c, if k_ascii is called several times in a row (bnc#1172775). - CVE-2020-10732: A flaw was found in the implementation of Userspace core dumps. This flaw allowed an attacker with a local account to crash a trivial program and exfiltrate private kernel data (bnc#1171220). - CVE-2020-12656: Fixed a memory leak in gss_mech_free in the rpcsec_gss_krb5 implementation, caused by a lack of certain domain_release calls (bnc#1171219). - CVE-2020-0305: Fixed a possible use-after-free due to a race condition incdev_get of char_dev.c. This could lead to local escalation of privilege. User interaction is not needed for exploitation (bnc#1174462). - CVE-2020-10769: A buffer over-read flaw was found in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. This flaw allowed a local attacker with user privileges to cause a denial of service (bnc#1173265). - CVE-2020-12652: The __mptctl_ioctl function in drivers/message/fusion/mptctl.c allowed local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a 'double fetch' vulnerability (bnc#1171218). - CVE-2019-5108: Fixed a denial-of-service vulnerability in the wifi stack. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed (bnc#1159912). The following non-security bugs were fixed: - Fix gcc-discovered error in zeroing a struct (bnc#680814)
Affected Systems
- suse•kernel-bigmem&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
< 3.0.101-108.117.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
< 3.0.101-108.117.1
- suse•kernel-ec2&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
< 3.0.101-108.117.1
- suse•kernel-pae&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
< 3.0.101-108.117.1
- suse•kernel-ppc64&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
< 3.0.101-108.117.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
< 3.0.101-108.117.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
< 3.0.101-108.117.1
- suse•kernel-trace&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
< 3.0.101-108.117.1
- suse•kernel-xen&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
< 3.0.101-108.117.1
References (21)
- https://www.suse.com/support/update/announcement/2020/suse-su-202014442-1/
- https://bugzilla.suse.com/1159912
- https://bugzilla.suse.com/1159913
- https://bugzilla.suse.com/1162002
- https://bugzilla.suse.com/1171218
- https://bugzilla.suse.com/1171219
- https://bugzilla.suse.com/1171220
- https://bugzilla.suse.com/1172775
- https://bugzilla.suse.com/1172999
- https://bugzilla.suse.com/1173265
- https://bugzilla.suse.com/1174462
- https://bugzilla.suse.com/1174543
- https://www.suse.com/security/cve/CVE-2019-5108
- https://www.suse.com/security/cve/CVE-2020-0305
- https://www.suse.com/security/cve/CVE-2020-10732
- https://www.suse.com/security/cve/CVE-2020-10769
- https://www.suse.com/security/cve/CVE-2020-10773
- https://www.suse.com/security/cve/CVE-2020-12652
- https://www.suse.com/security/cve/CVE-2020-12656
- https://www.suse.com/security/cve/CVE-2020-13974
- https://www.suse.com/security/cve/CVE-2020-14416