Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:Update
patchinfo.18047
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.18047
<patchinfo incident="18047"> <issue id="1179664" tracker="bnc">VUL-0: CVE-2020-29368: kernel live patch: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check</issue> <issue id="1179877" tracker="bnc">VUL-0: CVE-2020-29660, CVE-2020-29661: kernel live patch: [tty] hole/race in pgrp & session handling</issue> <issue id="1180008" tracker="bnc">VUL-0: CVE-2020-29569: kernel live patch: Use after free triggered by block frontend in Linux blkback (XSA-350 v3)</issue> <issue id="1180030" tracker="bnc">VUL-0: CVE-2020-0465: kernel live patch: In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges nee</issue> <issue id="1180032" tracker="bnc">VUL-0: CVE-2020-0466: kernel live patch: In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with no additional execution privileges ne</issue> <issue id="1180562" tracker="bnc">VUL-0: CVE-2020-36158: kernel live patch: RCE via a long SSID value in mwifiex_cmd_802_11_ad_hoc_start marvell/mwifiex/join.c</issue> <issue id="2020-0465" tracker="cve" /> <issue id="2020-0466" tracker="cve" /> <issue id="2020-29368" tracker="cve" /> <issue id="2020-29569" tracker="cve" /> <issue id="2020-29660" tracker="cve" /> <issue id="2020-29661" tracker="cve" /> <issue id="2020-36158" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>nstange</packager> <description>This update for the Linux Kernel 4.12.14-197_34 fixes several issues. The following security issues were fixed: - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver (bsc#1180562). - CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180030). - CVE-2020-0466: Fixed a use-after-free due to a logic error in do_epoll_ctl and ep_loop_check_proc of eventpoll.c (bnc#1180032. - CVE-2020-29569: Fixed a use after free due to a logic error (bsc#1180008). - CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that may have allowed a read-after-free attack against TIOCGSID (bsc#1179877). - CVE-2020-29661: Fixed a locking issue in the tty subsystem that allowed a use-after-free attack against TIOCSPGRP (bsc#1179877). - CVE-2020-29368: Fixed an issue in copy-on-write implementation which could grant unintended write access because of a race condition in a THP mapcount check (bsc#1179664). </description> <summary>Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP1)</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
