SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:2576-1
Rating:             important
References:         #1152107 #1173798 #1174205 #1174757 #1175691 
                    #1176069 
Cross-References:   CVE-2019-16746 CVE-2020-14314 CVE-2020-14331
                    CVE-2020-14386 CVE-2020-16166
Affected Products:
                    SUSE OpenStack Cloud 7
                    SUSE Linux Enterprise Server for SAP 12-SP2
                    SUSE Linux Enterprise Server 12-SP2-LTSS
                    SUSE Linux Enterprise Server 12-SP2-BCL
                    SUSE Linux Enterprise High Availability 12-SP2
______________________________________________________________________________

   An update that solves 5 vulnerabilities and has one errata
   is now available.

Description:

   The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various
   security and bugfixes.

   The following security bugs were fixed:


   - CVE-2020-14314: Fixed a potential negative array index in do_split()
     (bsc#1173798).
   - CVE-2020-14331: Fixed a missing check in vgacon scrollback handling
     (bsc#1174205).
   - CVE-2020-16166: Fixed a potential issue which could have allowed remote
     attackers to make observations that help to obtain sensitive information
     about the internal state of the network RNG (bsc#1174757).
   - CVE-2019-16746: Fixed an improper check of the length of variable
     elements in a beacon head, leading to a buffer overflow (bsc#1152107).
   - CVE-2020-14386: Fixed a potential local privilege escalation via memory
     corruption (bsc#1176069).

   The following non-security bug was fixed:

   - mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo
     (bsc#1175691).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud 7:

      zypper in -t patch SUSE-OpenStack-Cloud-7-2020-2576=1

   - SUSE Linux Enterprise Server for SAP 12-SP2:

      zypper in -t patch SUSE-SLE-SAP-12-SP2-2020-2576=1

   - SUSE Linux Enterprise Server 12-SP2-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-2576=1

   - SUSE Linux Enterprise Server 12-SP2-BCL:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-2576=1

   - SUSE Linux Enterprise High Availability 12-SP2:

      zypper in -t patch SUSE-SLE-HA-12-SP2-2020-2576=1
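
   An added example, not part of the SUSE advisory: a shell check that the
   fixed kernel-default package is installed and that the host has been
   rebooted into it, as the notes above require. It assumes `uname -r`
   reports the package version without the final rebuild counter and with a
   `-default` flavor suffix; the older version strings are constructed
   samples.

```shell
#!/bin/sh
# Added example: post-update check for SUSE-SU-2020:2576-1.
# Fixed kernel-default package version, taken from the advisory's package list.
FIXED_RPM="4.4.121-92.141.1"

# version_ge A B: succeeds when version string A >= B (GNU sort -V ordering).
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# kernel_status RUNNING INSTALLED
#   RUNNING   - output of `uname -r`, e.g. 4.4.121-92.141-default
#   INSTALLED - highest installed kernel-default version-release
# Prints one of: update-missing, reboot-pending, patched.
kernel_status() {
    running_rel=${1%-*}        # drop the flavor suffix ("-default")
    fixed_rel=${FIXED_RPM%.*}  # assumption: uname -r omits the rebuild counter
    if ! version_ge "$2" "$FIXED_RPM"; then
        echo "update-missing"
    elif ! version_ge "$running_rel" "$fixed_rel"; then
        echo "reboot-pending"
    else
        echo "patched"
    fi
}

# On a real host the two inputs would come from:
#   uname -r
#   rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel-default | sort -V | tail -n 1
# Constructed sample inputs (running release, installed package version):
while read -r running installed; do
    printf '%-26s %-20s %s\n' "$running" "$installed" \
        "$(kernel_status "$running" "$installed")"
done <<'EOF'
4.4.121-92.98-default 4.4.121-92.98.1
4.4.121-92.138-default 4.4.121-92.141.1
4.4.121-92.141-default 4.4.121-92.141.1
EOF
```

   A `reboot-pending` result means the package is on disk but the old kernel
   is still the one running.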



Package List:

   - SUSE OpenStack Cloud 7 (s390x x86_64):

      kernel-default-4.4.121-92.141.1
      kernel-default-base-4.4.121-92.141.1
      kernel-default-base-debuginfo-4.4.121-92.141.1
      kernel-default-debuginfo-4.4.121-92.141.1
      kernel-default-debugsource-4.4.121-92.141.1
      kernel-default-devel-4.4.121-92.141.1
      kernel-syms-4.4.121-92.141.1

   - SUSE OpenStack Cloud 7 (noarch):

      kernel-devel-4.4.121-92.141.1
      kernel-macros-4.4.121-92.141.1
      kernel-source-4.4.121-92.141.1

   - SUSE OpenStack Cloud 7 (x86_64):

      kgraft-patch-4_4_121-92_141-default-1-3.3.1

   - SUSE OpenStack Cloud 7 (s390x):

      kernel-default-man-4.4.121-92.141.1

   - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64):

      kernel-default-4.4.121-92.141.1
      kernel-default-base-4.4.121-92.141.1
      kernel-default-base-debuginfo-4.4.121-92.141.1
      kernel-default-debuginfo-4.4.121-92.141.1
      kernel-default-debugsource-4.4.121-92.141.1
      kernel-default-devel-4.4.121-92.141.1
      kernel-syms-4.4.121-92.141.1
      kgraft-patch-4_4_121-92_141-default-1-3.3.1

   - SUSE Linux Enterprise Server for SAP 12-SP2 (noarch):

      kernel-devel-4.4.121-92.141.1
      kernel-macros-4.4.121-92.141.1
      kernel-source-4.4.121-92.141.1

   - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64):

      kernel-default-4.4.121-92.141.1
      kernel-default-base-4.4.121-92.141.1
      kernel-default-base-debuginfo-4.4.121-92.141.1
      kernel-default-debuginfo-4.4.121-92.141.1
      kernel-default-debugsource-4.4.121-92.141.1
      kernel-default-devel-4.4.121-92.141.1
      kernel-syms-4.4.121-92.141.1

   - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le x86_64):

      kgraft-patch-4_4_121-92_141-default-1-3.3.1

   - SUSE Linux Enterprise Server 12-SP2-LTSS (noarch):

      kernel-devel-4.4.121-92.141.1
      kernel-macros-4.4.121-92.141.1
      kernel-source-4.4.121-92.141.1

   - SUSE Linux Enterprise Server 12-SP2-LTSS (s390x):

      kernel-default-man-4.4.121-92.141.1

   - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64):

      kernel-default-4.4.121-92.141.1
      kernel-default-base-4.4.121-92.141.1
      kernel-default-base-debuginfo-4.4.121-92.141.1
      kernel-default-debuginfo-4.4.121-92.141.1
      kernel-default-debugsource-4.4.121-92.141.1
      kernel-default-devel-4.4.121-92.141.1
      kernel-syms-4.4.121-92.141.1

   - SUSE Linux Enterprise Server 12-SP2-BCL (noarch):

      kernel-devel-4.4.121-92.141.1
      kernel-macros-4.4.121-92.141.1
      kernel-source-4.4.121-92.141.1

   - SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64):

      cluster-md-kmp-default-4.4.121-92.141.1
      cluster-md-kmp-default-debuginfo-4.4.121-92.141.1
      cluster-network-kmp-default-4.4.121-92.141.1
      cluster-network-kmp-default-debuginfo-4.4.121-92.141.1
      dlm-kmp-default-4.4.121-92.141.1
      dlm-kmp-default-debuginfo-4.4.121-92.141.1
      gfs2-kmp-default-4.4.121-92.141.1
      gfs2-kmp-default-debuginfo-4.4.121-92.141.1
      kernel-default-debuginfo-4.4.121-92.141.1
      kernel-default-debugsource-4.4.121-92.141.1
      ocfs2-kmp-default-4.4.121-92.141.1
      ocfs2-kmp-default-debuginfo-4.4.121-92.141.1


References:

   https://www.suse.com/security/cve/CVE-2019-16746.html
   https://www.suse.com/security/cve/CVE-2020-14314.html
   https://www.suse.com/security/cve/CVE-2020-14331.html
   https://www.suse.com/security/cve/CVE-2020-14386.html
   https://www.suse.com/security/cve/CVE-2020-16166.html
   https://bugzilla.suse.com/1152107
   https://bugzilla.suse.com/1173798
   https://bugzilla.suse.com/1174205
   https://bugzilla.suse.com/1174757
   https://bugzilla.suse.com/1175691
   https://bugzilla.suse.com/1176069

_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
http://lists.suse.com/mailman/listinfo/sle-security-updates

SUSE: 2020:2576-1 important: the Linux Kernel

September 9, 2020