The SUSE Linux Enterprise 15 SP1 azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability to run code in kernel space of a guest VM can cause the host kernel to panic (bnc#1168276). - CVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL (bnc#1168424). - CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks
#1044231 #1051510 #1051858 #1056686 #1060463
#1065600 #1065729 #1071995 #1083647 #1085030
#1103990 #1103992 #1104353 #1104745 #1109837
#1109911 #1111666 #1111974 #1112178 #1112374
#1113956 #1114279 #1114685 #1118338 #1119680
#1120386 #1127611 #1133021 #1134090 #1136157
#1136333 #1137325 #1141895 #1142685 #1144333
#1145051 #1145929 #1146539 #1148868 #1156510
#1157424 #1158187 #1158983 #1159037 #1159198
#1159199 #1159285 #1160659 #1161561 #1161951
#1162171 #1162929 #1162931 #1163403 #1163897
#1163971 #1164078 #1164284 #1164507 #1164705
#1164712 #1164727 #1164728 #1164729 #1164730
#1164731 #1164732 #1164733 #1164734 #1164735
#1164777 #1164780 #1164893 #1165019 #1165111
#1165182 #116...
Read the Full Advisory
Get the latest Linux and open source security news straight to your inbox.