openSUSE Leap 15.1: 2020:0543-1 Important: Kernel Security Issues
opensuse
April 23, 2020
An update that solves 7 vulnerabilities and has 76 fixes is now available.
Description
The openSUSE Leap 15.1 kernel was updated to receive various security and
bugfixes.
The following security bugs were fixed:
- CVE-2020-11669: An issue was discovered on the powerpc platform.
arch/powerpc/kernel/idle_book3s.S did not have save/restore
functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and
PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd (bnc#1169390).
- CVE-2020-8834: KVM on Power8 processors had a conflicting use of
HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in
kvmppc_{save,restore}_tm, leading to a stack corruption. Because of
this, an attacker with the ability run code in kernel space of a guest
VM can cause the host kernel to panic. There were two commits that,
according to the reporter, introduced the vulnerability: f024ee098476
("KVM: PPC: Book3S HV: Pull out TM state save/restore into separate
procedures") 87a11bb6a7f7 ("KVM: PPC: Book3S HV: Work around XER[SO] bug
in fake...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-543=1
Package List
- openSUSE Leap 15.1 (noarch):
kernel-devel-4.12.14-lp151.28.48.1
kernel-docs-4.12.14-lp151.28.48.1
kernel-docs-html-4.12.14-lp151.28.48.1
kernel-macros-4.12.14-lp151.28.48.1
kernel-source-4.12.14-lp151.28.48.1
kernel-source-vanilla-4.12.14-lp151.28.48.1
- openSUSE Leap 15.1 (x86_64):
kernel-debug-4.12.14-lp151.28.48.1
kernel-debug-base-4.12.14-lp151.28.48.1
kernel-debug-base-debuginfo-4.12.14-lp151.28.48.1
kernel-debug-debuginfo-4.12.14-lp151.28.48.1
kernel-debug-debugsource-4.12.14-lp151.28.48.1
kernel-debug-devel-4.12.14-lp151.28.48.1
kernel-debug-devel-debuginfo-4.12.14-lp151.28.48.1
kernel-default-4.12.14-lp151.28.48.1
kernel-default-base-4.12.14-lp151.28.48.1
kernel-default-base-debuginfo-4.12.14-lp151.28.48.1
kernel-default-debuginfo-4.12.14-lp151.28.48.1
kernel-default-debugsource-4.12.14-lp151.28.48.1
kernel-default-devel-4.12.14-lp151.28.48.1
kernel-default-devel-debuginfo-4.12.14-lp151.28.48.1
kernel-kvmsmall-4.12.14-lp151.28.48.1
kernel-kvmsmall-base-4.12.14-lp151.28.48.1
kernel-kvmsmall-base-debu...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2019-19770.html
https://www.suse.com/security/cve/CVE-2019-3701.html
https://www.suse.com/security/cve/CVE-2019-9458.html
https://www.suse.com/security/cve/CVE-2020-10942.html
https://www.suse.com/security/cve/CVE-2020-11494.html
https://www.suse.com/security/cve/CVE-2020-11669.html
https://www.suse.com/security/cve/CVE-2020-8834.html
https://bugzilla.suse.com/1051510
https://bugzilla.suse.com/1065600
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1083647
https://bugzilla.suse.com/1085030
https://bugzilla.suse.com/1109911
https://bugzilla.suse.com/1111666
https://bugzilla.suse.com/1113956
https://bugzilla.suse.com/1114279
https://bugzilla.suse.com/1118338
https://bugzilla.suse.com/1120386
https://bugzilla.suse.com/1137325
https://bugzilla.suse.com/1142685
https://bugzilla.suse.com/1145051
https://bugzilla.suse.com/1145929
https://bugzilla.suse.com/1148868
https://bugzilla.suse.com/1157424
https://bugzilla.suse.com/1158983
https://bugzilla.suse.com/1159037
https...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2020:0543-1
Rating: important
Affected Products:
openSUSE Leap 15.1
le.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!