SUSE: 2020:2579-1 Important: Local Privilege Escalation in Kernel
suse
September 9, 2020
An update that solves one vulnerability and has 6 fixes is now available
Summary
The SUSE Linux Enterprise 15 SP1 Azure kernel was updated to receive various security and bugfixes. The following security bug was fixed: - CVE-2020-14386: Fixed a potential local privilege escalation via memory corruption (bsc#1176069). The following non-security bugs were fixed: - EDAC: Fix reference count leaks (bsc#1112178). - KVM: SVM: fix svn_pin_memory()'s use of get_user_pages_fast() (bsc#1112178). - mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo (bsc#1175691). - sched/deadline: Initialize ->dl_boosted (bsc#1112178). - scsi: lpfc: Add and rename a whole bunch of function parameter descriptions (bsc#1171558 bsc#1136666). - scsi: lpfc: Add description for lpfc_release_rpi()'s 'ndlpl param (bsc#1171558 bsc#1136666).
References
#1058115 #1112178 #1136666 #1171558 #1173060
#1175691 #1176069
Cross- CVE-2020-14386
Affected Products:
SUSE Linux Enterprise Module for Public Cloud 15-SP1
https://www.suse.com/security/cve/CVE-2020-14386.html
https://bugzilla.suse.com/1058115
https://bugzilla.suse.com/1112178
https://bugzilla.suse.com/1136666
https://bugzilla.suse.com/1171558
https://bugzilla.suse.com/1173060
https://bugzilla.suse.com/1175691
https://bugzilla.suse.com/1176069
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2020:2579-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!