Explore top 10 tips to secure your open-source projects now. Read More
×
This update for the Linux Kernel 5.3.18-24_34 fixes several issues. The following security issues were fixed: - CVE-2020-29373: Fixed an issue where kernel unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations (bsc#1179779). - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver (bsc#1180562). - CVE-2020-0466: Fixed a use-after-free due to a logic error in do_epoll_ctl and ep_loop_check_proc of eventpoll.c (bnc#1180032. - CVE-2020-29569: Fixed a use after free due to a logic error (bsc#1180008). - CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that may have allowed a read-after-free attack against TIOCGSID (bsc#1179877).
#1179664 #1179779 #1179877 #1180008 #1180032
#1180562
Cross- CVE-2020-0466 CVE-2020-29368 CVE-2020-29373
CVE-2020-29569 CVE-2020-29660 CVE-2020-29661
CVE-2020-36158
CVSS scores:
CVE-2020-0466 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-0466 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2020-29368 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-29368 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-29373 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2020-29569 (NVD) : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2020-29569 (SUSE): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2020-29660 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Get the latest Linux and open source security news straight to your inbox.