SUSE: 2020:1123-1 Important: Linux Kernel Security Vulnerabilities
suse
April 28, 2020
An update that solves 10 vulnerabilities and has 89 fixes is now available
Summary
The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability to run code in kernel space of a guest VM can cause the host kernel to panic (bnc#1168276). - CVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL (bnc#1168424). - CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks
References
#1044231 #1051510 #1051858 #1056686 #1060463
#1065729 #1083647 #1085030 #1103990 #1103992
#1104353 #1104745 #1109837 #1109911 #1111666
#1111974 #1112178 #1112374 #1113956 #1114279
#1114685 #1119680 #1120386 #1127611 #1133021
#1134090 #1136157 #1141895 #1144333 #1145051
#1146539 #1157424 #1158187 #1158983 #1159198
#1159285 #1160659 #1161561 #1161951 #1162171
#1162929 #1162931 #1164078 #1164507 #1164777
#1164780 #1164893 #1165019 #1165111 #1165182
#1165185 #1165211 #1165404 #1165488 #1165527
#1165741 #1165813 #1165823 #1165873 #1165929
#1165949 #1165950 #1165980 #1165984 #1165985
#1166003 #1166101 #1166102 #1166103 #1166104
#1166632 #1166730 #1166731 #1166732 #1166733
#1166734 #116...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2020:1123-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!