Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

SUSE: 2020:2575-1 Important: Linux Kernel Security Vulnerabilities Fixed

suse
Calendar Grey September 9, 2020
Dist Suse Esm H88
SUSE has released a vital kernel security update aimed at fixing several vulnerabilities, including detailed steps for implementation.

An update that solves 8 vulnerabilities and has 121 fixes is now available.

Summary

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-1749: Use ip6_dst_lookup_flow instead of ip6_dst_lookup (bsc#1165629). - CVE-2020-14314: Fixed a potential negative array index in do_split() (bsc#1173798). - CVE-2020-14356: Fixed a null pointer dereference in cgroupv2 subsystem which could have led to privilege escalation (bsc#1175213). - CVE-2020-14331: Fixed a missing check in vgacon scrollback handling (bsc#1174205). - CVE-2020-16166: Fixed a potential issue which could have allowed remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG (bsc#1174757).

References

#1058115 #1065600 #1065729 #1071995 #1083548

#1085030 #1111666 #1112178 #1113956 #1120163

#1133021 #1136666 #1144333 #1152148 #1163524

#1165629 #1166965 #1169790 #1170232 #1171558

#1171688 #1171988 #1172073 #1172108 #1172247

#1172418 #1172428 #1172871 #1172872 #1172873

#1172963 #1173060 #1173485 #1173798 #1173954

#1174003 #1174026 #1174070 #1174205 #1174387

#1174484 #1174547 #1174549 #1174550 #1174625

#1174658 #1174685 #1174689 #1174699 #1174734

#1174757 #1174771 #1174840 #1174841 #1174843

#1174844 #1174845 #1174852 #1174873 #1174904

#1174926 #1174968 #1175062 #1175063 #1175064

#1175065 #1175066 #1175067 #1175112 #1175127

#1175128 #1175149 #1175199 #1175213 #1175228

...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:2575-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here