Alerts This Week
Warning Icon 1 1,111
Alerts This Week
Warning Icon 1 1,111

SUSE: 2020:2980-1 Critical Update for Linux Kernel Security Issues

suse
Calendar Grey October 21, 2020
Dist Suse Esm H88
SUSE Security Update: Security update for the Linux Kernel _________________________________________
An update that solves 6 vulnerabilities and has 36 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-12351: Fixed a type confusion while processing AMP packets aka "BleedingTooth" aka "BadKarma" (bsc#1177724). - CVE-2020-24490: Fixed a heap buffer overflow when processing extended advertising report events aka "BleedingTooth" aka "BadVibes" (bsc#1177726). - CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka "BleedingTooth" aka "BadChoice" (bsc#1177725). - CVE-2020-25641: Fixed a zero-length biovec request issued by the block subsystem could have caused the kernel to enter an infinite loop, causing a denial of service (bsc#1177121). - CVE-2020-25643: Fixed a memory corruption and a read overflow which

References

#1065600 #1065729 #1155798 #1165692 #1168468

#1171675 #1171688 #1174003 #1174098 #1175599

#1175621 #1175807 #1176019 #1176400 #1176907

#1176979 #1177090 #1177109 #1177121 #1177193

#1177194 #1177206 #1177258 #1177271 #1177283

#1177284 #1177285 #1177286 #1177297 #1177384

#1177511 #1177617 #1177681 #1177683 #1177687

#1177694 #1177697 #1177719 #1177724 #1177725

#1177726 #954532

Cross- CVE-2020-12351 CVE-2020-12352 CVE-2020-24490

CVE-2020-25641 CVE-2020-25643 CVE-2020-25645

Affected Products:

SUSE Linux Enterprise Workstation Extension 15-SP2

SUSE Linux Enterprise Module for Live Patching 15-SP2

SUSE Linux Enterprise Module for Legacy Software 15-SP2

SUSE Linux Enterprise Module for Development Tools 15-SP2

...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:2980-1
Rating: critical

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here