Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

SUSE: 2020:2152-1 Important: Security Fixes for Linux Kernel

suse
Calendar Grey August 6, 2020
Dist Suse Esm H88
SUSE Security Update: Security update for the Linux Kernel _________________________________________
An update that solves 11 vulnerabilities and has 12 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-10135: Legacy pairing and secure-connections pairing authentication in Bluetooth may have allowed an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key (bnc#1171988). - CVE-2020-10711: A NULL pointer dereference flaw was found in the SELinux subsystem. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible

References

#1065729 #1146351 #1149652 #1152457 #1162002

#1164910 #1170011 #1170618 #1171078 #1171189

#1171191 #1171220 #1171732 #1171988 #1172453

#1172458 #1172775 #1172999 #1173280 #1173658

#1174115 #1174462 #1174543

Cross- CVE-2019-20810 CVE-2019-20812 CVE-2020-0305

CVE-2020-10135 CVE-2020-10711 CVE-2020-10732

CVE-2020-10751 CVE-2020-10773 CVE-2020-12771

CVE-2020-13974 CVE-2020-14416

Affected Products:

SUSE OpenStack Cloud Crowbar 8

SUSE OpenStack Cloud 8

SUSE Linux Enterprise Server for SAP 12-SP3

SUSE Linux Enterprise Server 12-SP3-LTSS

SUSE Linux Enterprise Server 12-SP3-BCL

SUSE Linux Enterprise High Availability 12-SP3

SUSE Enterprise Storage 5

HPE Helion Openstack 8

https://www.suse.com/sec...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:2152-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here