openSUSE Leap 15.2: 2020:1236-1 Important: Linux Kernel Fixes
opensuse
August 21, 2020
An update that solves 7 vulnerabilities and has 109 fixes is now available.
Description
The openSUSE Leap 15.2 kernel was updated to receive various security and
bugfixes.
This update is signed with the new UEFI signing key for openSUSE. It
contains rebuilds of all available KMP packages also rebuilt with the new
UEFi signing key. (boo#1174543)
The following security bugs were fixed:
- CVE-2020-14356: A use after free vulnerability in cgroup BPF component
was fixed (bsc#1175213).
- CVE-2020-14331: A buffer over write in vgacon_scroll was fixed
(bnc#1174205).
- CVE-2020-16166: The Linux kernel allowed remote attackers to make
observations that help to obtain sensitive information about the
internal state of the network RNG, aka CID-f227e3ec3b5c. This is related
to drivers/char/random.c and kernel/time/timer.c (bnc#1174757).
- CVE-2020-10135: Legacy pairing and secure-connections pairing
authentication in Bluetooth® BR/EDR Core Specification v5.2 and earlier
may have allowed an unauthenticated user to...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2020-1236=1
Package List
- openSUSE Leap 15.2 (noarch):
dpdk-doc-19.11.1-lp152.2.5.1
kernel-devel-5.3.18-lp152.36.1
kernel-docs-5.3.18-lp152.36.1
kernel-docs-html-5.3.18-lp152.36.1
kernel-macros-5.3.18-lp152.36.1
kernel-source-5.3.18-lp152.36.1
kernel-source-vanilla-5.3.18-lp152.36.1
virtualbox-guest-desktop-icons-6.1.10-lp152.2.2.1
virtualbox-guest-source-6.1.10-lp152.2.2.1
virtualbox-host-source-6.1.10-lp152.2.2.1
- openSUSE Leap 15.2 (x86_64):
bbswitch-0.8-lp152.6.2.1
bbswitch-debugsource-0.8-lp152.6.2.1
bbswitch-kmp-default-0.8_k5.3.18_lp152.36-lp152.6.2.1
bbswitch-kmp-default-debuginfo-0.8_k5.3.18_lp152.36-lp152.6.2.1
bbswitch-kmp-preempt-0.8_k5.3.18_lp152.36-lp152.6.2.1
bbswitch-kmp-preempt-debuginfo-0.8_k5.3.18_lp152.36-lp152.6.2.1
crash-7.2.8-lp152.3.2.1
crash-debuginfo-7.2.8-lp152.3.2.1
crash-debugsource-7.2.8-lp152.3.2.1
crash-devel-7.2.8-lp152.3.2.1
crash-doc-7.2.8-lp152.3.2.1
crash-eppic-7.2.8-lp152.3.2.1
crash-eppic-debuginfo-7.2.8-lp152.3.2.1
crash-gcore-7.2.8-lp152.3.2.1
crash-gcore-debuginfo-7.2.8-lp152.3.2.1
crash-kmp-d...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2020-0305.html
https://www.suse.com/security/cve/CVE-2020-10135.html
https://www.suse.com/security/cve/CVE-2020-10781.html
https://www.suse.com/security/cve/CVE-2020-14331.html
https://www.suse.com/security/cve/CVE-2020-14356.html
https://www.suse.com/security/cve/CVE-2020-15780.html
https://www.suse.com/security/cve/CVE-2020-16166.html
https://bugzilla.suse.com/1065600
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1120163
https://bugzilla.suse.com/1133021
https://bugzilla.suse.com/1149032
https://bugzilla.suse.com/1152472
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1153274
https://bugzilla.suse.com/1154353
https://bugzilla.suse.com/1154488
https://bugzilla.suse.com/1155518
https://bugzilla.suse.com/1155798
https://bugzilla.suse.com/1165933
https://bugzilla.suse.com/1167773
https://bugzilla.suse.com/1168959
https://bugzilla.suse.com/1169771
https://bugzilla.suse.com/1171857
https://bugzilla.suse.com/1171988
https://bugzilla.suse.com/1172197
htt...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2020:1236-1
Rating: important
Affected Products:
openSUSE Leap 15.2
le.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!