openSUSE Leap 15.2: 2020:1906-1 Important: Linux Kernel Security Risk
opensuse
November 13, 2020
An update that solves 7 vulnerabilities and has 65 fixes is now available.
Description
The openSUSE Leap 15.2 kernel was updated to receive various security and
bugfixes.
The following security bugs were fixed:
- CVE-2020-25704: Fixed a memory leak in perf_event_parse_addr_filter()
(bsc#1178393).
- CVE-2020-25668: Make FONTX ioctl use the tty pointer they were actually
passed (bsc#1178123).
- CVE-2020-25656: Extend func_buf_lock to readers (bnc#1177766).
- CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers
in mm/hugetlb.c in the Linux kernel could be used by local attackers to
corrupt memory, cause a NULL pointer dereference, or possibly have
unspecified other impact, aka CID-17743798d812 (bnc#1176485).
- CVE-2020-14351: Fixed race in the perf_mmap_close() function
(bsc#1177086).
- CVE-2020-8694: Restrict energy meter to root access (bsc#1170415).
- CVE-2020-16120: Check permission to open real file in overlayfs
(bsc#1177470).
The following non-security...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2020-1906=1
Package List
- openSUSE Leap 15.2 (x86_64):
kernel-debug-5.3.18-lp152.50.1
kernel-debug-debuginfo-5.3.18-lp152.50.1
kernel-debug-debugsource-5.3.18-lp152.50.1
kernel-debug-devel-5.3.18-lp152.50.1
kernel-debug-devel-debuginfo-5.3.18-lp152.50.1
kernel-default-5.3.18-lp152.50.1
kernel-default-debuginfo-5.3.18-lp152.50.1
kernel-default-debugsource-5.3.18-lp152.50.1
kernel-default-devel-5.3.18-lp152.50.1
kernel-default-devel-debuginfo-5.3.18-lp152.50.1
kernel-kvmsmall-5.3.18-lp152.50.1
kernel-kvmsmall-debuginfo-5.3.18-lp152.50.1
kernel-kvmsmall-debugsource-5.3.18-lp152.50.1
kernel-kvmsmall-devel-5.3.18-lp152.50.1
kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.50.1
kernel-obs-build-5.3.18-lp152.50.1
kernel-obs-build-debugsource-5.3.18-lp152.50.1
kernel-obs-qa-5.3.18-lp152.50.1
kernel-preempt-5.3.18-lp152.50.1
kernel-preempt-debuginfo-5.3.18-lp152.50.1
kernel-preempt-debugsource-5.3.18-lp152.50.1
kernel-preempt-devel-5.3.18-lp152.50.1
kernel-preempt-devel-debuginfo-5.3.18-lp152.50.1
kernel-syms-5.3.18-lp152.50.1
- openSUSE Leap...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2020-14351.html
https://www.suse.com/security/cve/CVE-2020-16120.html
https://www.suse.com/security/cve/CVE-2020-25285.html
https://www.suse.com/security/cve/CVE-2020-25656.html
https://www.suse.com/security/cve/CVE-2020-25668.html
https://www.suse.com/security/cve/CVE-2020-25704.html
https://www.suse.com/security/cve/CVE-2020-8694.html
https://bugzilla.suse.com/1055014
https://bugzilla.suse.com/1055186
https://bugzilla.suse.com/1061843
https://bugzilla.suse.com/1065600
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1066382
https://bugzilla.suse.com/1077428
https://bugzilla.suse.com/1129923
https://bugzilla.suse.com/1134760
https://bugzilla.suse.com/1149032
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1163592
https://bugzilla.suse.com/1164648
https://bugzilla.suse.com/1166146
https://bugzilla.suse.com/1166166
https://bugzilla.suse.com/1167030
https://bugzilla.suse.com/1170415
https://bugzilla.suse.com/1174748
https://bugzilla.suse.com/1174969
htt...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2020:1906-1
Rating: important
Affected Products:
openSUSE Leap 15.2
e.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!