
openSUSE Leap 15.2: 2020:1586-1 Important: Kernel Security Update

opensuse
October 1, 2020
A significant openSUSE enhancement resolves multiple security flaws and encompasses more than a hundred bug corrections for the Linux kernel.
An update that solves 9 vulnerabilities and has 103 fixes is now available.

Description

The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2020-0404: In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation (bnc#1176423).

- CVE-2020-0427: In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation (bnc#1176725).

- CVE-2020-0431: In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User...


Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

  zypper in -t patch openSUSE-2020-1586=1
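
A post-patch check, added here as an example and not part of the original advisory: it reports whether a host has the fixed kernel package installed and whether that kernel is the one actually running, since the fixes take effect only after a reboot. It assumes the kernel-default flavor, GNU `sort -V` as an approximation of rpm version ordering, and the openSUSE `uname -r` format shown in the comments; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: check a host against the fixed kernel from this advisory.
FIXED_PKG="5.3.18-lp152.44.1"   # package version-release from the Package List

# version_ge A B: true when A >= B under GNU `sort -V` ordering
# (an approximation of rpm's version comparison, adequate for these strings).
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# running_base RELEASE: strip the flavor suffix from a `uname -r` string.
# Assumption: openSUSE reports e.g. 5.3.18-lp152.44-default, i.e. the package
# release without its last rebuild counter, followed by the flavor.
running_base() {
    printf '%s\n' "${1%-*}"
}

# kernel_status INSTALLED_PKG_VERSION UNAME_R
# prints one of: patched | reboot-required | vulnerable
kernel_status() {
    fixed_base="${FIXED_PKG%.*}"           # 5.3.18-lp152.44
    if ! version_ge "$1" "$FIXED_PKG"; then
        echo vulnerable                     # update not installed
    elif ! version_ge "$(running_base "$2")" "$fixed_base"; then
        echo reboot-required                # installed, old kernel still running
    else
        echo patched
    fi
}

# On a real host (needs rpm; picks the newest installed kernel-default):
#   kernel_status "$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel-default \
#       | sort -V | tail -n 1)" "$(uname -r)"
```

A `reboot-required` result means the update is on disk but the vulnerable kernel is still the one in memory.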

Package List

- openSUSE Leap 15.2 (x86_64):

  kernel-debug-5.3.18-lp152.44.1
  kernel-debug-debuginfo-5.3.18-lp152.44.1
  kernel-debug-debugsource-5.3.18-lp152.44.1
  kernel-debug-devel-5.3.18-lp152.44.1
  kernel-debug-devel-debuginfo-5.3.18-lp152.44.1
  kernel-default-5.3.18-lp152.44.1
  kernel-default-base-5.3.18-lp152.44.1.lp152.8.8.1
  kernel-default-base-rebuild-5.3.18-lp152.44.1.lp152.8.8.1
  kernel-default-debuginfo-5.3.18-lp152.44.1
  kernel-default-debugsource-5.3.18-lp152.44.1
  kernel-default-devel-5.3.18-lp152.44.1
  kernel-default-devel-debuginfo-5.3.18-lp152.44.1
  kernel-kvmsmall-5.3.18-lp152.44.1
  kernel-kvmsmall-debuginfo-5.3.18-lp152.44.1
  kernel-kvmsmall-debugsource-5.3.18-lp152.44.1
  kernel-kvmsmall-devel-5.3.18-lp152.44.1
  kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.44.1
  kernel-obs-build-5.3.18-lp152.44.1
  kernel-obs-build-debugsource-5.3.18-lp152.44.1
  kernel-obs-qa-5.3.18-lp152.44.1
  kernel-preempt-5.3.18-lp152.44.1
  kernel-preempt-debuginfo-5.3.18-lp152.44.1
  kernel-preempt-debugsource-5.3.18-lp152.44.1
  kernel-preempt-devel-5.3.18-...


References

bsc#1176001,bsc#1175999 Exported symbols from drivers/net/ethernet/mscc/ are only used by drivers/net/dsa/ocelot/

- kernel/cpu_pm: Fix uninitted local in cpu_pm (git fixes (kernel/pm)).

- kernel-syms.spec.in: Also use bz compression (boo#1175882).

- libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks (jsc#SLE-14459).

- libbpf: Fix readelf output parsing for Fedora (bsc#1155518).

- libbpf: Fix readelf output parsing on powerpc with recent binutils (bsc#1155518).

- libnvdimm: cover up nvdimm_security_ops changes (bsc#1171742).

- libnvdimm: cover up struct nvdimm changes (bsc#1171742).

- libnvdimm/security: fix a typo (bsc#1171742 bsc#1167527).

- libnvdimm/security: Introduce a 'frozen' attribute (bsc#1171742).

- livepatch: Add -fdump-ipa-clones to build (). Add support for -fdump-ipa-clones GCC option. Update config files accordingly.

- md: raid0/linear: fix dereference before null check on pointer mddev (git fixes (block drivers)).

- media: cedrus: Add missing v4l2_ctrl_request_hdl_put()...


Severity
important

Announcement ID: openSUSE-SU-2020:1586-1
Rating: important
Affected Products: openSUSE Leap 15.2 le.
