Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.4:Update
patchinfo.15910
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.15910
<patchinfo incident="15910"> <issue id="1174543" tracker="bnc">VUL-0: rerelease of secure boot related packages</issue> <issue id="1051510" tracker="bnc">[TRACKERBUG] Missing SLE15 fixes</issue> <issue id="1065729" tracker="bnc">[trackerbug] 4.12 powerpc base kernel fixes</issue> <issue id="1071995" tracker="bnc">[TRACKERBUG] SLE15 livepatch backports</issue> <issue id="1104967" tracker="bnc">FATE 325924 NetApp NVMe-oF updates</issue> <issue id="1152107" tracker="bnc">VUL-0: CVE-2019-16746: kernel-source: buffer overflow via missing check of variable elements length in a beacon head in net/wireless/nl80211.c</issue> <issue id="1158755" tracker="bnc">SLES 12 SP3 - SAP HEC: Linux freeze on multiple VIOS reboot or vnicserver rmdev (using ibmvnic) ()</issue> <issue id="1162002" tracker="bnc">VUL-0: CVE-2020-14416: kernel-source: can, slip: Protect tty->disc_data in write_wakeup and close with RCU</issue> <issue id="1170011" tracker="bnc">SLES 15 SP2 Snapshot3 - Slave interface fails to come up with error Adapter login failed (failover/ibmvnic/fleetwood/940_027/Haleakala)</issue> <issue id="1171078" tracker="bnc">SLES 15 SP1 - ISST-RWS: SLES15 SP1 SAP HANA on POWER lpar hung upon adding vnic (DLPAR/ibmvnic)</issue> <issue id="1171673" tracker="bnc">mkfs.xfs of 8TB XFS partition on top off LVM on Azure SLES 15 causes VM to hang</issue> <issue id="1171732" tracker="bnc">VUL-1: CVE-2020-12771: kernel-source: deadlock if a coalescing operation fails in btree_gc_coalesce</issue> <issue id="1171868" tracker="bnc">VUL-0: CVE-2020-12888: kernel-source: improper handling of the attempts to access disabled memory space</issue> <issue id="1172257" tracker="bnc">Backport MCE recovery fix into SLES kernels</issue> <issue id="1172775" tracker="bnc">VUL-1: CVE-2020-13974: kernel-source: drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059</issue> <issue id="1172781" tracker="bnc">VUL-0: CVE-2020-10766: kernel-source: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection.</issue> <issue id="1172782" tracker="bnc">VUL-0: CVE-2020-10767: kernel-source: kernel: Indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available.</issue> <issue id="1172783" tracker="bnc">VUL-0: CVE-2020-10768: kernel-source: kernel: Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command.</issue> <issue id="1172999" tracker="bnc">VUL-1: CVE-2020-10773: kernel-source: kernel stack information leak on s390/s390x</issue> <issue id="1173265" tracker="bnc">VUL-0: CVE-2020-10769: kernel-source: buffer over-read in IPsec authenc crypto_authenc_extractkeys() when a payload longer than 4 bytes is not aligned</issue> <issue id="1173280" tracker="bnc">SLES 15 SP1 - STC940.10:GBS:VNIC:LPM:RMC went to inactive state on SLES LPAR in 4th iteration during max concurrent migration:mac2fp1:zpfp10 (ibmvnic)</issue> <issue id="1173514" tracker="bnc">VUL-1: CVE-2020-15393: kernel-source: memory leak in usbtest_disconnect in drivers/usb/misc/usbtest.c, aka CID-28ebeb8db770</issue> <issue id="1173567" tracker="bnc">VUL-0: CVE-2019-20908: kernel-source: lockdown bypass for loading unsigned modules using efivar_ssdt</issue> <issue id="1173573" tracker="bnc">VUL-0: CVE-2020-15780: kernel-source: lockdown bypass for loading unsigned modules using ACPI table injection</issue> <issue id="1173659" tracker="bnc">VUL-0: CVE-2019-16746: kernel live patch: buffer overflow via missing check of variable elements length in a beacon head in net/wireless/nl80211.c</issue> <issue id="1173999" tracker="bnc">SLE15-LTSS: vfio/pci: SR-IOV spec requires VFs to report zero for the INTx pin register</issue> <issue id="1174000" tracker="bnc">SLE15-LTSS: vfio/pci: unintended difference between PF and VF in hand-off state to the user</issue> <issue id="1174115" tracker="bnc">12-SP5 kernel 4.12.14-122.26 fails to boot due to intel_idle using mwait/monitor even when they are not available</issue> <issue id="1174462" tracker="bnc">VUL-0: CVE-2020-0305: kernel-source: use-after-free due to a race condition in cdev_get of char_dev.c</issue> <issue id="2020-0305" tracker="cve" /> <issue id="2019-20908" tracker="cve" /> <issue id="2020-15780" tracker="cve" /> <issue id="2020-15393" tracker="cve" /> <issue id="2020-12771" tracker="cve" /> <issue id="2019-16746" tracker="cve" /> <issue id="2020-12888" tracker="cve" /> <issue id="2020-10769" tracker="cve" /> <issue id="2020-10773" tracker="cve" /> <issue id="2020-14416" tracker="cve" /> <issue id="2020-10768" tracker="cve" /> <issue id="2020-10766" tracker="cve" /> <issue id="2020-10767" tracker="cve" /> <issue id="2020-13974" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>ematsumiya</packager> <reboot_needed/> <description> The SUSE Linux Enterprise 15 GA LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0305: In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1174462). - CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c where incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032 (bnc#1173567). - CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c where injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30 (bnc#1173573). - CVE-2020-15393: usbtest_disconnect in drivers/usb/misc/usbtest.c had a memory leak, aka CID-28ebeb8db770 (bnc#1173514). - CVE-2020-12771: btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails (bnc#1171732). - CVE-2019-16746: An issue was discovered in net/wireless/nl80211.c which did not check the length of variable elements in a beacon head, leading to a buffer overflow (bnc#1152107 1173659). - CVE-2020-12888: The VFIO PCI driver mishandled attempts to access disabled memory space (bnc#1171868). - CVE-2020-10769: A buffer over-read flaw was found in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allowed a local attacker with user privileges to cause a denial of service (bnc#1173265). - CVE-2020-10773: A kernel stack information leak on s390/s390x was fixed (bnc#1172999). - CVE-2020-14416: A race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c (bnc#1162002). - CVE-2020-10768: Indirect branch speculation could have been enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. (bnc#1172783). - CVE-2020-10766: Fixed Rogue cross-process SSBD shutdown, where a Linux scheduler logical bug allows an attacker to turn off the SSBD protection. (bnc#1172781). - CVE-2020-10767: Indirect Branch Prediction Barrier was force-disabled when STIBP is unavailable or enhanced IBRS is available. (bnc#1172782). - CVE-2020-13974: drivers/tty/vt/keyboard.c had an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059 (bnc#1172775). The following non-security bugs were fixed: - Merge ibmvnic reset fixes (bsc#1158755 ltc#182094). - block, bfq: add requeue-request hook (bsc#1104967 bsc#1171673). - block, bfq: postpone rq preparation to insert or merge (bsc#1104967 bsc#1171673). - ibmvnic: Do not process device remove during device reset (bsc#1065729). - ibmvnic: Flush existing work items before device removal (bsc#1065729). - ibmvnic: Harden device login requests (bsc#1170011 ltc#183538). - ibmvnic: Skip fatal error reset after passive init (bsc#1171078 ltc#184239). - ibmvnic: continue to init in CRQ reset returns H_CLOSED (bsc#1173280 ltc#185369). - intel_idle: Graceful probe failure when MWAIT is disabled (bsc#1174115). - livepatch: Apply vmlinux-specific KLP relocations early (bsc#1071995). - livepatch: Disallow vmlinux.ko (bsc#1071995). - livepatch: Make klp_apply_object_relocs static (bsc#1071995). - livepatch: Prevent module-specific KLP rela sections from referencing vmlinux symbols (bsc#1071995). - livepatch: Remove .klp.arch (bsc#1071995). - vfio/pci: Fix SR-IOV VF handling with MMIO blocking (bsc#1051510). - vfio/pci: Fix SR-IOV VF handling with MMIO blocking (bsc#1174000). - vfio/pci: Mask buggy SR-IOV VF INTx support (bsc#1051510). - vfio/pci: Mask buggy SR-IOV VF INTx support (bsc#1173999). - x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned (bsc#1172257). </description> <summary>Security update for the Linux Kernel</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor