SUSE: 2020:1713-1 Critical Update: Important Kernel Security Patches
suse
June 23, 2020
An update that solves three vulnerabilities and has one errata is now available
Summary
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-10768: Fixed an issue with the prctl() function which could have allowed indirect branch speculation even after it has been disabled (bsc#1172783). - CVE-2020-10767: Fixed an issue where the Indirect Branch Prediction Barrier (IBPB) would have been disabled when STIBP is unavailable or enhanced IBRS is available making the system vulnerable to spectre v2 (bsc#1172782). - CVE-2020-10766: Fixed an issue with Linux scheduler which could have allowed an attacker to turn off the SSBD protection (bsc#1172781). - xfs: Fix tail rounding in xfs_alloc_file_space() (bsc#1172049).
References
#1172049 #1172781 #1172782 #1172783
Cross- CVE-2020-10766 CVE-2020-10767 CVE-2020-10768
Affected Products:
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud 8
SUSE Linux Enterprise Server for SAP 12-SP3
SUSE Linux Enterprise Server 12-SP3-LTSS
SUSE Linux Enterprise Server 12-SP3-BCL
SUSE Linux Enterprise High Availability 12-SP3
SUSE Enterprise Storage 5
HPE Helion Openstack 8
https://www.suse.com/security/cve/CVE-2020-10766.html
https://www.suse.com/security/cve/CVE-2020-10767.html
https://www.suse.com/security/cve/CVE-2020-10768.html
https://bugzilla.suse.com/1172049
https://bugzilla.suse.com/1172781
https://bugzilla.suse.com/1172782
https://bugzilla.suse.com/1172783
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2020:1713-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!