SUSE: 2020:1597-1 important: the Linux Kernel
Summary
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or "CrossTalk" (bsc#1154824). - CVE-2020-12656: Fixed an improper handling of certain domain_release calls leadingch could have led to a memory leak (bsc#1171219). - CVE-2020-12654: Fixed an issue in he wifi driver which could have allowed a remote AP to trigger a heap-based buffer overflow (bsc#1171202). - CVE-2020-12653: Fixed an issue in the wifi driver which could have allowed local users to gain privileges or cause a denial of service (bsc#1171195). - CVE-2020-12652: Fixed an issue which could have allowed local users to hold an incorrect lock during the ioctl operation and trigger a race condition (bsc#1171218). - CVE-2020-12114: Fixed A pivot_root race condition which could have allowed local users to cause a denial of service (panic) by corrupting a mountpoint reference counter (bsc#1171098). - CVE-2020-10757: Fixed an issue where remaping hugepage DAX to anon mmap could have caused user PTE access (bsc#1172317). The following non-security bugs were fixed: - can, slip: Protect tty->disc_data in write_wakeup and close with RCU (bsc#1171698). - KEYS: allow reaching the keys quotas exactly (bsc#1171689). - KEYS: reaching the keys quotas correctly (bsc#1171689). - Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()" (bsc#1172221). - random: always use batched entropy for get_random_u{32,64} (bsc#1164871).
References
#1154824 #1164871 #1171098 #1171195 #1171202
#1171218 #1171219 #1171689 #1171698 #1172221
#1172317
Cross- CVE-2020-0543 CVE-2020-10757 CVE-2020-12114
CVE-2020-12652 CVE-2020-12653 CVE-2020-12654
CVE-2020-12656
Affected Products:
SUSE OpenStack Cloud 7
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
SUSE Linux Enterprise Server 12-SP2-BCL
SUSE Linux Enterprise High Availability 12-SP2
https://www.suse.com/security/cve/CVE-2020-0543.html
https://www.suse.com/security/cve/CVE-2020-10757.html
https://www.suse.com/security/cve/CVE-2020-12114.html
https://www.suse.com/security/cve/CVE-2020-12652.html
https://www.suse.com/security/cve/CVE-2020-12653.html
https://www.suse.com/security/cve/CVE-2020-12654.html
https://www.suse.com/security/cve/CVE-2020-12656.html
https://bugzilla.suse.com/1154824
https://bugzilla.suse.com/1164871
https://bugzilla.suse.com/1171098
https://bugzilla.suse.com/1171195
https://bugzilla.suse.com/1171202
https://bugzilla.suse.com/1171218
https://bugzilla.suse.com/1171219
https://bugzilla.suse.com/1171689
https://bugzilla.suse.com/1171698
https://bugzilla.suse.com/1172221
https://bugzilla.suse.com/1172317