Linux Security

    SUSE: 2020:14442-1 important: the Linux Kernel

    An update that solves 9 vulnerabilities and has two fixes is now available.
    
       SUSE Security Update: Security update for the Linux Kernel
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2020:14442-1
    Rating:             important
    References:         #1159912 #1159913 #1162002 #1171218 #1171219 
                        #1171220 #1172775 #1172999 #1173265 #1174462 
                        #1174543 
    Cross-References:   CVE-2019-5108 CVE-2020-0305 CVE-2020-10732
                        CVE-2020-10769 CVE-2020-10773 CVE-2020-12652
                        CVE-2020-12656 CVE-2020-13974 CVE-2020-14416
                       
    Affected Products:
                        SUSE Linux Enterprise Server 11-SP4-LTSS
                        SUSE Linux Enterprise Server 11-EXTRA
                        SUSE Linux Enterprise Debuginfo 11-SP4
    ______________________________________________________________________________
    
       An update that solves 9 vulnerabilities and has two fixes
       is now available.
    
    Description:
    
       The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various
       security and bugfixes.
    
    
       The following security bugs were fixed:
    
       - CVE-2020-10773: Fixed a memory leak on s390/s390x, in the
         cmm_timeout_handler in file arch/s390/mm/cmm.c (bnc#1172999).
       - CVE-2020-14416: Fixed a race condition in tty->disc_data handling in the
         slip and slcan line disciplines that could lead to a use-after-free.
         This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c
         (bnc#1162002).
       - CVE-2020-13974: Fixed an integer overflow in drivers/tty/vt/keyboard.c,
         if k_ascii is called several times in a row (bnc#1172775).
       - CVE-2020-10732: A flaw was found in the implementation of Userspace core
         dumps. This flaw allowed an attacker with a local account to crash a
         trivial program and exfiltrate private kernel data (bnc#1171220).
       - CVE-2020-12656: Fixed a memory leak in gss_mech_free in the
         rpcsec_gss_krb5 implementation, caused by a lack of certain
         domain_release calls (bnc#1171219).
       - CVE-2020-0305: Fixed a possible use-after-free due to a race condition
         in cdev_get of char_dev.c. This could lead to local escalation of
         privilege. User interaction is not needed for exploitation (bnc#1174462).
       - CVE-2020-10769: A buffer over-read flaw was found in
         crypto_authenc_extractkeys in crypto/authenc.c in the IPsec
         Cryptographic algorithm's module, authenc. This flaw allowed a local
         attacker with user privileges to cause a denial of service (bnc#1173265).
       - CVE-2020-12652: The __mptctl_ioctl function in
         drivers/message/fusion/mptctl.c allowed local users to hold an incorrect
         lock during the ioctl operation and trigger a race condition, i.e., a
         "double fetch" vulnerability (bnc#1171218).
       - CVE-2019-5108: Fixed a denial-of-service vulnerability in the wifi
         stack. An attacker could exploit this vulnerability by triggering an AP to
         send IAPP location updates for stations before the required
         authentication process has completed (bnc#1159912).
    
       The following non-security bugs were fixed:
    
       - Fix gcc-discovered error in zeroing a struct (bnc#680814)
    
    
    Special Instructions and Notes:
    
       Please reboot the system after installing this update.
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Linux Enterprise Server 11-SP4-LTSS:
    
          zypper in -t patch slessp4-kernel-source-14442=1
    
       - SUSE Linux Enterprise Server 11-EXTRA:
    
          zypper in -t patch slexsp3-kernel-source-14442=1
    
       - SUSE Linux Enterprise Debuginfo 11-SP4:
    
          zypper in -t patch dbgsp4-kernel-source-14442=1
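
After patching, one way to confirm that no installed kernel package is still below the fixed version-release 3.0.101-108.117.1 from the package list. This is an added example, not part of the SUSE advisory; the function names `ver_lt` and `unpatched_kernels` and the sample input are constructed for illustration, and the comparison is a numeric field-by-field check, not a full rpm version comparison.

```shell
#!/bin/sh
# Fixed version-release taken from this advisory's package list.
FIXED="3.0.101-108.117.1"

# ver_lt A B: succeed if version A is older than version B.
# Assumption: every field is numeric and separated by '.' or '-',
# which holds for these kernel packages. Fields are compared as
# numbers, so 98 sorts before 117 (a plain string compare gets this wrong).
ver_lt() {
    a=$(printf '%s' "$1" | tr '-' '.')
    b=$(printf '%s' "$2" | tr '-' '.')
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}; fb=${b%%.*}
        if [ "$a" = "$fa" ]; then a=""; else a=${a#*.}; fi
        if [ "$b" = "$fb" ]; then b=""; else b=${b#*.}; fi
        fa=${fa:-0}; fb=${fb:-0}
        if [ "$fa" -lt "$fb" ]; then return 0; fi
        if [ "$fa" -gt "$fb" ]; then return 1; fi
    done
    return 1    # equal versions are not "older"
}

# Reads "name version-release" lines on stdin and prints every
# kernel-* package that is older than FIXED.
unpatched_kernels() {
    while read -r name vr; do
        case "$name" in kernel-*) ;; *) continue ;; esac
        if ver_lt "$vr" "$FIXED"; then
            printf '%s %s\n' "$name" "$vr"
        fi
    done
    return 0
}

# Constructed sample input. On a real host, feed the function from:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' | grep '^kernel-'
SAMPLE='kernel-default 3.0.101-108.117.1
kernel-default-base 3.0.101-108.114.1
kernel-xen 3.0.101-108.98.1
bash 3.2-147.35.1'

printf '%s\n' "$SAMPLE" | unpatched_kernels
```

An empty result means every installed kernel package is at or above the fixed version; the reboot noted above is still needed before the new kernel is the one running.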
    
    
    
    Package List:
    
       - SUSE Linux Enterprise Server 11-SP4-LTSS (i586 ppc64 s390x x86_64):
    
          kernel-default-3.0.101-108.117.1
          kernel-default-base-3.0.101-108.117.1
          kernel-default-devel-3.0.101-108.117.1
          kernel-source-3.0.101-108.117.1
          kernel-syms-3.0.101-108.117.1
          kernel-trace-3.0.101-108.117.1
          kernel-trace-base-3.0.101-108.117.1
          kernel-trace-devel-3.0.101-108.117.1
    
       - SUSE Linux Enterprise Server 11-SP4-LTSS (i586 x86_64):
    
          kernel-ec2-3.0.101-108.117.1
          kernel-ec2-base-3.0.101-108.117.1
          kernel-ec2-devel-3.0.101-108.117.1
          kernel-xen-3.0.101-108.117.1
          kernel-xen-base-3.0.101-108.117.1
          kernel-xen-devel-3.0.101-108.117.1
    
       - SUSE Linux Enterprise Server 11-SP4-LTSS (s390x):
    
          kernel-default-man-3.0.101-108.117.1
    
       - SUSE Linux Enterprise Server 11-SP4-LTSS (ppc64):
    
          kernel-bigmem-3.0.101-108.117.1
          kernel-bigmem-base-3.0.101-108.117.1
          kernel-bigmem-devel-3.0.101-108.117.1
          kernel-ppc64-3.0.101-108.117.1
          kernel-ppc64-base-3.0.101-108.117.1
          kernel-ppc64-devel-3.0.101-108.117.1
    
       - SUSE Linux Enterprise Server 11-SP4-LTSS (i586):
    
          kernel-pae-3.0.101-108.117.1
          kernel-pae-base-3.0.101-108.117.1
          kernel-pae-devel-3.0.101-108.117.1
    
       - SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64):
    
          kernel-default-extra-3.0.101-108.117.1
    
       - SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64):
    
          kernel-xen-extra-3.0.101-108.117.1
    
       - SUSE Linux Enterprise Server 11-EXTRA (x86_64):
    
          kernel-trace-extra-3.0.101-108.117.1
    
       - SUSE Linux Enterprise Server 11-EXTRA (ppc64):
    
          kernel-ppc64-extra-3.0.101-108.117.1
    
       - SUSE Linux Enterprise Server 11-EXTRA (i586):
    
          kernel-pae-extra-3.0.101-108.117.1
    
       - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ppc64 s390x x86_64):
    
          kernel-default-debuginfo-3.0.101-108.117.1
          kernel-default-debugsource-3.0.101-108.117.1
          kernel-trace-debuginfo-3.0.101-108.117.1
          kernel-trace-debugsource-3.0.101-108.117.1
    
       - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 s390x x86_64):
    
          kernel-default-devel-debuginfo-3.0.101-108.117.1
          kernel-trace-devel-debuginfo-3.0.101-108.117.1
    
       - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):
    
          kernel-ec2-debuginfo-3.0.101-108.117.1
          kernel-ec2-debugsource-3.0.101-108.117.1
          kernel-xen-debuginfo-3.0.101-108.117.1
          kernel-xen-debugsource-3.0.101-108.117.1
          kernel-xen-devel-debuginfo-3.0.101-108.117.1
    
       - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64):
    
          kernel-bigmem-debuginfo-3.0.101-108.117.1
          kernel-bigmem-debugsource-3.0.101-108.117.1
          kernel-ppc64-debuginfo-3.0.101-108.117.1
          kernel-ppc64-debugsource-3.0.101-108.117.1
    
       - SUSE Linux Enterprise Debuginfo 11-SP4 (i586):
    
          kernel-pae-debuginfo-3.0.101-108.117.1
          kernel-pae-debugsource-3.0.101-108.117.1
          kernel-pae-devel-debuginfo-3.0.101-108.117.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2019-5108.html
       https://www.suse.com/security/cve/CVE-2020-0305.html
       https://www.suse.com/security/cve/CVE-2020-10732.html
       https://www.suse.com/security/cve/CVE-2020-10769.html
       https://www.suse.com/security/cve/CVE-2020-10773.html
       https://www.suse.com/security/cve/CVE-2020-12652.html
       https://www.suse.com/security/cve/CVE-2020-12656.html
       https://www.suse.com/security/cve/CVE-2020-13974.html
       https://www.suse.com/security/cve/CVE-2020-14416.html
       https://bugzilla.suse.com/1159912
       https://bugzilla.suse.com/1159913
       https://bugzilla.suse.com/1162002
       https://bugzilla.suse.com/1171218
       https://bugzilla.suse.com/1171219
       https://bugzilla.suse.com/1171220
       https://bugzilla.suse.com/1172775
       https://bugzilla.suse.com/1172999
       https://bugzilla.suse.com/1173265
       https://bugzilla.suse.com/1174462
       https://bugzilla.suse.com/1174543
    
    _______________________________________________
    sle-security-updates mailing list
    https://lists.suse.com/mailman/listinfo/sle-security-updates
    
