Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2020:2981-1 Critical: Linux Kernel Security Update

suse
Calendar Grey October 21, 2020
Dist Suse Esm H88
SUSE Security Notification: Urgent Linux Kernel patches issued. Refer to advisory ID SUSE-SU-2021:4653-1 for full information regarding the security patch.
An update that solves four vulnerabilities and has 15 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-12351: Fixed a type confusion while processing AMP packets aka "BleedingTooth" aka "BadKarma" (bsc#1177724). - CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka "BleedingTooth" aka "BadChoice" (bsc#1177725). - CVE-2020-25645: Fixed an issue which traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted (bsc#1177511). - CVE-2020-25212: Fixed a TOCTOU mismatch in the NFS client code (bsc#1176381). The following non-security bugs were fixed:

Topics%20covered

Topics Covered

security advisory critical security patch kernel fix system update SUSE Linux bug resolution

References

#1065729 #1140683 #1152624 #1172538 #1172757

#1174748 #1175520 #1176381 #1176400 #1176713

#1176946 #1177027 #1177340 #1177359 #1177511

#1177685 #1177687 #1177724 #1177725

Cross- CVE-2020-12351 CVE-2020-12352 CVE-2020-25212

CVE-2020-25645

Affected Products:

SUSE Linux Enterprise Workstation Extension 12-SP5

SUSE Linux Enterprise Software Development Kit 12-SP5

SUSE Linux Enterprise Server 12-SP5

SUSE Linux Enterprise Live Patching 12-SP5

SUSE Linux Enterprise High Availability 12-SP5

https://www.suse.com/security/cve/CVE-2020-12351.html

https://www.suse.com/security/cve/CVE-2020-12352.html

https://www.suse.com/security/cve/CVE-2020-25212.html

https://www.suse.com/security/cve/CVE-2020-25645.html

https://bugzilla.suse.com/1065729

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:2981-1
Rating: critical

Topics%20covered

Topics Covered

security advisory critical security patch kernel fix system update SUSE Linux bug resolution

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here