SUSE: 2020:2106-1 Important: Linux Kernel Security Updates and Fixes

suse

August 3, 2020

An update that solves 14 vulnerabilities and has 15 fixes is now available

Summary

The SUSE Linux Enterprise 15 GA LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0305: In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1174462). - CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c where incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032 (bnc#1173567). - CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c where injection of malicious ACPI tables via configfs could be used by

Topics Covered

security advisory buffer overflow important memory leak SUSE Linux kernel escalation

References

#1051510 #1065729 #1071995 #1104967 #1152107

#1158755 #1162002 #1170011 #1171078 #1171673

#1171732 #1171868 #1172257 #1172775 #1172781

#1172782 #1172783 #1172999 #1173265 #1173280

#1173514 #1173567 #1173573 #1173659 #1173999

#1174000 #1174115 #1174462 #1174543

Cross- CVE-2019-16746 CVE-2019-20908 CVE-2020-0305

CVE-2020-10766 CVE-2020-10767 CVE-2020-10768

CVE-2020-10769 CVE-2020-10773 CVE-2020-12771

CVE-2020-12888 CVE-2020-13974 CVE-2020-14416

CVE-2020-15393 CVE-2020-15780

Affected Products:

SUSE Linux Enterprise Server for SAP 15

SUSE Linux Enterprise Server 15-LTSS

SUSE Linux Enterprise Module for Live Patching 15

SUSE Linux Enterprise High Performance Computing 15-LTSS

SUSE Linux Enterprise High Performan...

Read the Full Advisory

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2020:2106-1

Rating: important

Topics Covered

security advisory buffer overflow important memory leak SUSE Linux kernel escalation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2020:2106-1 Important: Linux Kernel Security Updates and Fixes

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2020:2106-1 Important: Linux Kernel Security Updates and Fixes

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!