SUSE: 2020:2578-1 Important: Local Privilege Escalation Fix in Kernel
suse
September 9, 2020
An update that solves one vulnerability and has 6 fixes is now available
Summary
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to 3.12.31 to receive various security and bugfixes. The following security bug was fixed: - CVE-2020-14386: Fixed a potential local privilege escalation via memory corruption (bsc#1176069). The following non-security bugs were fixed: - EDAC: Fix reference count leaks (bsc#1112178). - KVM: SVM: fix svn_pin_memory()'s use of get_user_pages_fast() (bsc#1112178). - mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo (bsc#1175691). - net/mlx5e: Fix error path of device attach (git-fixes). - net/mlx5: Fix a bug of using ptp channel index as pin index (git-fixes). - net: smc91x: Fix possible memory leak in smc_drv_probe() (git-fixes). - sched/deadline: Initialize ->dl_boosted (bsc#1112178).
References
#1058115 #1112178 #1136666 #1171558 #1173060
#1175691 #1176069
Cross- CVE-2020-14386
Affected Products:
SUSE Linux Enterprise Server 12-SP5
https://www.suse.com/security/cve/CVE-2020-14386.html
https://bugzilla.suse.com/1058115
https://bugzilla.suse.com/1112178
https://bugzilla.suse.com/1136666
https://bugzilla.suse.com/1171558
https://bugzilla.suse.com/1173060
https://bugzilla.suse.com/1175691
https://bugzilla.suse.com/1176069
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2020:2578-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!