Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 502
Alerts This Week
Warning Icon 1 502

SUSE: 2020:3764-1 Important Update: Kernel Denial of Service Fixes

suse
Calendar Grey December 11, 2020
Dist Suse Esm H88
An advisory from SUSE has been released, addressing various vulnerabilities in the Linux Kernel, incorporating crucial updates.
An update that solves 11 vulnerabilities and has 62 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c which could have allowed local users to gain privileges or cause a denial of service (bsc#1179141). - CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service(bsc#1179140). - CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182). - CVE-2020-25705: Fixed A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to

References

#1139944 #1149032 #1152489 #1153274 #1154353

#1155518 #1158775 #1160634 #1161099 #1167773

#1170139 #1171558 #1173504 #1174852 #1175721

#1175918 #1175995 #1176109 #1176200 #1176481

#1176586 #1176855 #1176956 #1177066 #1177070

#1177353 #1177397 #1177666 #1178182 #1178203

#1178227 #1178286 #1178401 #1178426 #1178590

#1178634 #1178635 #1178653 #1178669 #1178740

#1178755 #1178756 #1178762 #1178782 #1178838

#1178853 #1178886 #1179001 #1179012 #1179014

#1179015 #1179045 #1179076 #1179082 #1179107

#1179140 #1179141 #1179160 #1179201 #1179211

#1179217 #1179419 #1179424 #1179425 #1179426

#1179427 #1179429 #1179432 #1179442 #1179550

#1179578 #1179601 #1179639

Cross- CVE-2020-15436 CVE-2020-15437 CVE-2020-25669

...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:3764-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.