Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

SUSE: 2020:1275-1 Important: Linux Kernel Denial Of Service Vulnerabilities

suse
Calendar Grey May 14, 2020
Dist Suse Esm H88
SUSE has released a security patch addressing 35 vulnerabilities in the Linux Kernel, aimed at bolstering the system's security posture and overall reliability.
An update that solves 35 vulnerabilities and has 21 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL (bnc#1168424). - CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls (bnc#1167629). - CVE-2020-8647: Fixed a use-after-free vulnerability in the vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929). - CVE-2020-8649: Fixed a use-after-free vulnerability in the

Topics%20covered

Topics Covered

security advisory denial of service important SUSE Linux Kernel

References

#1056134 #1087813 #1120386 #1133147 #1137325

#1145929 #1149591 #1154118 #1154844 #1155689

#1157155 #1157157 #1157303 #1157804 #1158021

#1158642 #1158819 #1159199 #1159285 #1159297

#1159841 #1159908 #1159910 #1159911 #1159912

#1160195 #1161586 #1162227 #1162928 #1162929

#1162931 #1163508 #1163971 #1164009 #1164051

#1164069 #1164078 #1164846 #1165111 #1165311

#1165873 #1165881 #1165984 #1165985 #1167421

#1167423 #1167629 #1168075 #1168295 #1168424

#1168829 #1168854 #1170056 #1170345 #1170778

#1170847

Cross- CVE-2017-18255 CVE-2018-12126 CVE-2018-12127

CVE-2018-12130 CVE-2018-21008 CVE-2019-11091

CVE-2019-14615 CVE-2019-14896 CVE-2019-14897

CVE-2019-18675 CVE-2019-19066 CVE-2019-19319

...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:1275-1
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service important SUSE Linux Kernel

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here