Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE Linux 12 SP5: SUSE-SU-2022:0263-1 High: Kernel Live Patch Issues

suse
Calendar Grey February 1, 2022
Dist Suse Esm H88
Important security enhancement for Linux Kernel Live Patch 15 resolves multiple vulnerabilities in SUSE. Essential for safeguarding systems.
An update that fixes 7 vulnerabilities is now available

Summary

This update for the Linux Kernel 4.12.14-122_60 fixes several issues. The following security issues were fixed: - CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure. (bsc#1191193) - CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673, CVE-2021-23134: Fixed multiple bugs in NFC subsytem (bsc#1178181, bsc#1186060). - CVE-2021-42739: The firewire subsystem had a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled bounds checking (bsc#1184673). Patch Instructions:

Topics%20covered

Topics Covered

security advisory buffer overflow important kernel wlan live patch nfc issues

References

#1186061 #1191529 #1192036 #1194680

Cross- CVE-2020-25670 CVE-2020-25671 CVE-2020-25672

CVE-2020-25673 CVE-2020-3702 CVE-2021-23134

CVE-2021-42739

CVSS scores:

CVE-2020-25670 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2020-25670 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2020-25671 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2020-25671 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2020-25672 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2020-25672 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2020-25673 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2020-25673 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:0263-1
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow important kernel wlan live patch nfc issues

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here