openSUSE 15.1: Security Update: Important Kernel Fixes and Bugs
opensuse
March 27, 2020
An update that solves four vulnerabilities and has 37 fixes is now available.
Description
The openSUSE Leap 15.1 kernel was updated to receive various security and
bugfixes.
The following security bugs were fixed:
- CVE-2020-8647: There was a use-after-free vulnerability in the
vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929 1164078).
- CVE-2020-8649: There was a use-after-free vulnerability in the
vgacon_invert_region function in drivers/video/console/vgacon.c
(bnc#1162929 1162931).
- CVE-2020-9383: An issue was discovered in the set_fdc in
drivers/block/floppy.c that lead to a wait_til_ready out-of-bounds read
because the FDC index is not checked for errors before assigning it, aka
CID-2e90ca68b0d2 (bnc#1165111).
- CVE-2019-19768: There was a use-after-free (read) in the __blk_add_trace
function in kernel/trace/blktrace.c (which is used to fill out a
blk_io_trace structure and place it in a per-cpu sub-buffer)
(bnc#1159285).
The following non-security bugs were fixed:
- ALSA:...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-388=1
Package List
- openSUSE Leap 15.1 (noarch):
kernel-devel-4.12.14-lp151.28.44.1
kernel-docs-4.12.14-lp151.28.44.1
kernel-docs-html-4.12.14-lp151.28.44.1
kernel-macros-4.12.14-lp151.28.44.1
kernel-source-4.12.14-lp151.28.44.1
kernel-source-vanilla-4.12.14-lp151.28.44.1
- openSUSE Leap 15.1 (x86_64):
kernel-debug-4.12.14-lp151.28.44.1
kernel-debug-base-4.12.14-lp151.28.44.1
kernel-debug-base-debuginfo-4.12.14-lp151.28.44.1
kernel-debug-debuginfo-4.12.14-lp151.28.44.1
kernel-debug-debugsource-4.12.14-lp151.28.44.1
kernel-debug-devel-4.12.14-lp151.28.44.1
kernel-debug-devel-debuginfo-4.12.14-lp151.28.44.1
kernel-default-4.12.14-lp151.28.44.1
kernel-default-base-4.12.14-lp151.28.44.1
kernel-default-base-debuginfo-4.12.14-lp151.28.44.1
kernel-default-debuginfo-4.12.14-lp151.28.44.1
kernel-default-debugsource-4.12.14-lp151.28.44.1
kernel-default-devel-4.12.14-lp151.28.44.1
kernel-default-devel-debuginfo-4.12.14-lp151.28.44.1
kernel-kvmsmall-4.12.14-lp151.28.44.1
kernel-kvmsmall-base-4.12.14-lp151.28.44.1
kernel-kvmsmall-base-debu...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2019-19768.html
https://www.suse.com/security/cve/CVE-2020-8647.html
https://www.suse.com/security/cve/CVE-2020-8649.html
https://www.suse.com/security/cve/CVE-2020-9383.html
https://bugzilla.suse.com/1044231
https://bugzilla.suse.com/1051510
https://bugzilla.suse.com/1056686
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1111666
https://bugzilla.suse.com/1111974
https://bugzilla.suse.com/1112178
https://bugzilla.suse.com/1113956
https://bugzilla.suse.com/1114279
https://bugzilla.suse.com/1119680
https://bugzilla.suse.com/1141895
https://bugzilla.suse.com/1156510
https://bugzilla.suse.com/1158187
https://bugzilla.suse.com/1159285
https://bugzilla.suse.com/1161561
https://bugzilla.suse.com/1162929
https://bugzilla.suse.com/1162931
https://bugzilla.suse.com/1164078
https://bugzilla.suse.com/1164507
https://bugzilla.suse.com/1164632
https://bugzilla.suse.com/1165111
https://bugzilla.suse.com/1165741
https://bugzilla.suse.com/1165873
https://bugzilla.suse.com/116592...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2020:0388-1
Rating: important
Affected Products:
openSUSE Leap 15.1
le.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!