Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 544
Alerts This Week
Warning Icon 1 544

SUSE: 2021:0095-1 Important: Kernel Remote Code Execution Fix

suse
Calendar Grey January 12, 2021
Scroller Suse Esm H88
Important release for SUSE Linux Kernel rectifying various vulnerabilities. Apply patches and protect your infrastructure immediately!
An update that solves 9 vulnerabilities and has 35 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver (bsc#1180559). - CVE-2020-27825: Fixed a race in the trace_open and buffer resize calls (bsc#1179960). - CVE-2020-0466: Fixed a use-after-free due to a logic error in do_epoll_ctl and ep_loop_check_proc of eventpoll.c (bnc#1180031). - CVE-2020-27068: Fixed an out-of-bounds read due to a missing bounds check in the nl80211_policy policy of nl80211.c (bnc#1180086). - CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180029). - CVE-2020-0444: Fixed a bad kfree due to a logic error in

References

#1040855 #1044120 #1044767 #1055117 #1065729

#1094840 #1109695 #1112178 #1115431 #1138374

#1144912 #1152457 #1163727 #1164780 #1171078

#1172145 #1172538 #1174784 #1178401 #1178762

#1179014 #1179015 #1179045 #1179082 #1179107

#1179142 #1179419 #1179444 #1179745 #1179810

#1179888 #1179895 #1179896 #1179960 #1179963

#1180027 #1180029 #1180031 #1180052 #1180086

#1180117 #1180258 #1180506 #1180559

Cross- CVE-2020-0444 CVE-2020-0465 CVE-2020-0466

CVE-2020-27068 CVE-2020-27777 CVE-2020-27825

CVE-2020-29660 CVE-2020-29661 CVE-2020-36158

Affected Products:

SUSE Linux Enterprise Module for Realtime 15-SP1

https://www.suse.com/security/cve/CVE-2020-0444.html

https://www.suse.com/security/cve/CVE-2020-0465.html

https://www.suse.com/security/cve/CV...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2021:0095-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.