Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

SUSE: 2020:0688-1 Moderate: Linux Kernel Soft Lockup Issue

suse
Calendar Grey March 13, 2020
Dist Suse Esm H88
SUSE Security Announcement provides remedies for Linux Kernel flaws along with guidance for installation and reboot procedures.
An update that solves three vulnerabilities and has 84 fixes is now available

Summary

The SUSE Linux Enterprise 15-SP1 kernel-RT was updated to 4.12.14 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-8992: Fixed an issue in ext4_protect_reserved_inode in fs/ext4/block_validity.c that allowed attackers to cause a soft lockup via a crafted journal size (bsc#1164069). - CVE-2020-8648: Fixed a use-after-free vulnerability in the n_tty_receive_buf_common function in drivers/tty/n_tty.c (bsc#1162928). - CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources (bsc#1163971). The following non-security bugs were fixed: - ACPI: PM: Avoid attaching ACPI PM domain to certain devices (bsc#1051510). - ACPI / video: Add force_none quirk for Dell OptiPlex 9020M (bsc#1051510).

References

#1050549 #1051510 #1061840 #1065600 #1065729

#1071995 #1088810 #1105392 #1111666 #1112178

#1112504 #1114279 #1118338 #1133021 #1133147

#1140025 #1142685 #1144162 #1157424 #1157480

#1157966 #1158013 #1159271 #1160218 #1160979

#1161360 #1161702 #1161907 #1162557 #1162617

#1162618 #1162619 #1162623 #1162928 #1162943

#1163206 #1163383 #1163384 #1163762 #1163774

#1163836 #1163840 #1163841 #1163842 #1163843

#1163844 #1163845 #1163846 #1163849 #1163850

#1163851 #1163852 #1163853 #1163855 #1163856

#1163857 #1163858 #1163859 #1163860 #1163861

#1163862 #1163863 #1163867 #1163869 #1163880

#1163971 #1164051 #1164069 #1164098 #1164115

#1164314 #1164315 #1164388 #1164471 #1164598

#1164632 #116...

Read the Full Advisory

Announcement ID: SUSE-SU-2020:0688-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here