Alerts This Week
Warning Icon 1 409
Alerts This Week
Warning Icon 1 409

SUSE: 2020:3532-1 Important: Linux Kernel Denial Of Service Depth Fix

suse
Calendar Grey November 26, 2020
Dist Suse Esm H88
Ubuntu Security Update for OS Kernel addresses major concerns with 24 vulnerabilities and 30 resolutions. Ensure your security!
An update that solves 26 vulnerabilities and has 32 fixes is now available

Summary

The SUSE Linux Enterprise 15 LTSS kernel was updated to receive various security and bug fixes. The following security bugs were fixed: - CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software and services that rely on UDP source port randomization (like DNS) are indirectly affected as well. Kernel versions may be vulnerable to this issue (bsc#1175721, bsc#1178782). - CVE-2020-25704: Fixed a memory leak in perf_event_parse_addr_filter() (bsc#1178393). - CVE-2020-25668: Fixed a use-after-free in con_font_op() (bnc#1178123).

Topics%20covered

Topics Covered

security advisory denial of service remote exploit important system update SUSE Linux Kernel

References

#1051510 #1058115 #1065600 #1131277 #1160947

#1161360 #1163524 #1166965 #1170232 #1170415

#1171417 #1172073 #1172366 #1173115 #1173233

#1175306 #1175721 #1175749 #1175882 #1176011

#1176235 #1176278 #1176381 #1176423 #1176482

#1176485 #1176698 #1176721 #1176722 #1176723

#1176725 #1176732 #1176877 #1176907 #1176922

#1176990 #1177027 #1177086 #1177121 #1177165

#1177206 #1177226 #1177410 #1177411 #1177470

#1177511 #1177513 #1177724 #1177725 #1177766

#1178003 #1178123 #1178330 #1178393 #1178622

#1178765 #1178782 #1178838

Cross- CVE-2020-0404 CVE-2020-0427 CVE-2020-0430

CVE-2020-0431 CVE-2020-0432 CVE-2020-12351

CVE-2020-12352 CVE-2020-14351 CVE-2020-14381

CVE-2020-14390 CVE-2020-16120 CVE-2020-2521

...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:3532-1
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service remote exploit important system update SUSE Linux Kernel

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here