Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: 2020:2513-1 Important: Linux Kernel Live Patch Fixes Major Threats

suse
Calendar Grey September 4, 2020
Dist Suse Esm H88
SUSE Security Patch for Linux Kernel addresses multiple vulnerabilities. Make certain your system is protected with the most recent update.
An update that fixes 7 vulnerabilities is now available

Summary

This update for the Linux Kernel 4.12.14-122_12 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll (bsc#1174247). - CVE-2020-15780: Fixed a lockdown bypass via injection of malicious ACPI tables via configfs (bsc#1174186). - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c (bsc#1173659). - CVE-2019-9458: Fixed a use-after-free in media/v4l (bsc#1173963). - CVE-2020-11668: Fixed a memory corruption issue in the Xirlink camera USB driver (bsc#1173942). - CVE-2019-19447: Fixed a use-after-free in ext4_put_super (bsc#1173869). - CVE-2019-14895: Fixed a heap-based buffer overflow in the Marvell WiFi driver (bsc#1173100). Patch Instructions:

Topics%20covered

Topics Covered

security advisory buffer overflow important kernel SUSE live patch malicious injection

References

#1173100 #1173659 #1173869 #1173942 #1173963

#1174186 #1174247

Cross- CVE-2019-14895 CVE-2019-16746 CVE-2019-19447

CVE-2019-9458 CVE-2020-11668 CVE-2020-14331

CVE-2020-15780

Affected Products:

SUSE Linux Enterprise Module for Live Patching 15-SP1

SUSE Linux Enterprise Module for Live Patching 15

SUSE Linux Enterprise Live Patching 12-SP5

https://www.suse.com/security/cve/CVE-2019-14895.html

https://www.suse.com/security/cve/CVE-2019-16746.html

https://www.suse.com/security/cve/CVE-2019-19447.html

https://www.suse.com/security/cve/CVE-2019-9458.html

https://www.suse.com/security/cve/CVE-2020-11668.html

https://www.suse.com/security/cve/CVE-2020-14331.html

https://www.suse.com/security/cve/CVE-2020-15780.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:2513-1
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow important kernel SUSE live patch malicious injection

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here