The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security fixes and bug fixes.

The following security bugs were fixed:

- CVE-2020-25285: A race condition between hugetlb sysctl handlers in mm/hugetlb.c could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact (bnc#1176485).
- CVE-2020-16120: Fixed the permission check to open the real file when using overlayfs. A file not readable by an unprivileged user could be copied to a mountpoint controlled by that user, who could then access the file (bsc#1177470).
- CVE-2020-14351: Fixed a race condition in the perf_mmap_close() function (bsc#1177086).

The following non-security bugs were fixed:

- ACPI: Always build evged in (git-fixes).
#1055014 #1055186 #1061843 #1065729 #1077428
#1129923 #1134760 #1152489 #1174748 #1174969
#1175052 #1175898 #1176485 #1176713 #1177086
#1177353 #1177410 #1177411 #1177470 #1177739
#1177749 #1177750 #1177754 #1177755 #1177765
#1177814 #1177817 #1177854 #1177855 #1177856
#1177861 #1178002 #1178079 #1178246
Cross-References: CVE-2020-14351 CVE-2020-16120 CVE-2020-25285
Affected Products:
SUSE Linux Enterprise Workstation Extension 15-SP2
SUSE Linux Enterprise Module for Legacy Software 15-SP2
SUSE Linux Enterprise Module for Development Tools 15-SP2
SUSE Linux Enterprise Module for Basesystem 15-SP2
SUSE Linux Enterprise High Availability 15-SP2
https://www.suse.com/security/cve/CVE-2020-14351.html
https://www.suse.com/security/cve/CVE-2020-16120.html