SUSE-SU-2020:14442-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-202014442-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:14442-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:14442-1
Related
Published
2020-08-03T14:46:47Z
Modified
2020-08-03T14:46:47Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-10773: Fixed a memory leak on s390/s390x, in the cmmtimeouthander in file arch/s390/mm/cmm.c (bnc#1172999).
  • CVE-2020-14416: Fixed a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c (bnc#1162002).
  • CVE-2020-13974: Fixed a integer overflow in drivers/tty/vt/keyboard.c, if k_ascii is called several times in a row (bnc#1172775).
  • CVE-2020-10732: A flaw was found in the implementation of Userspace core dumps. This flaw allowed an attacker with a local account to crash a trivial program and exfiltrate private kernel data (bnc#1171220).
  • CVE-2020-12656: Fixed a memory leak in gssmechfree in the rpcsecgsskrb5 implementation, caused by a lack of certain domain_release calls (bnc#1171219).
  • CVE-2020-0305: Fixed a possible use-after-free due to a race condition incdevget of chardev.c. This could lead to local escalation of privilege. User interaction is not needed for exploitation (bnc#1174462).
  • CVE-2020-10769: A buffer over-read flaw was found in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. This flaw allowed a local attacker with user privileges to cause a denial of service (bnc#1173265).
  • CVE-2020-12652: The _mptctlioctl function in drivers/message/fusion/mptctl.c allowed local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a 'double fetch' vulnerability (bnc#1171218).
  • CVE-2019-5108: Fixed a denial-of-service vulnerability in the wifi stack. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed (bnc#1159912).

The following non-security bugs were fixed:

  • Fix gcc-discovered error in zeroing a struct (bnc#680814)
References

Affected packages

SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-bigmem

Package

Name
kernel-bigmem
Purl
pkg:rpm/suse/kernel-bigmem&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-108.117.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.117.1",
            "kernel-default-man": "3.0.101-108.117.1",
            "kernel-ec2": "3.0.101-108.117.1",
            "kernel-default": "3.0.101-108.117.1",
            "kernel-source": "3.0.101-108.117.1",
            "kernel-bigmem": "3.0.101-108.117.1",
            "kernel-pae-base": "3.0.101-108.117.1",
            "kernel-syms": "3.0.101-108.117.1",
            "kernel-bigmem-base": "3.0.101-108.117.1",
            "kernel-pae": "3.0.101-108.117.1",
            "kernel-ppc64-devel": "3.0.101-108.117.1",
            "kernel-ec2-devel": "3.0.101-108.117.1",
            "kernel-ppc64-base": "3.0.101-108.117.1",
            "kernel-trace-devel": "3.0.101-108.117.1",
            "kernel-trace": "3.0.101-108.117.1",
            "kernel-ec2-base": "3.0.101-108.117.1",
            "kernel-ppc64": "3.0.101-108.117.1",
            "kernel-xen-base": "3.0.101-108.117.1",
            "kernel-xen-devel": "3.0.101-108.117.1",
            "kernel-bigmem-devel": "3.0.101-108.117.1",
            "kernel-trace-base": "3.0.101-108.117.1",
            "kernel-default-devel": "3.0.101-108.117.1",
            "kernel-pae-devel": "3.0.101-108.117.1",
            "kernel-xen": "3.0.101-108.117.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-108.117.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.117.1",
            "kernel-default-man": "3.0.101-108.117.1",
            "kernel-ec2": "3.0.101-108.117.1",
            "kernel-default": "3.0.101-108.117.1",
            "kernel-source": "3.0.101-108.117.1",
            "kernel-bigmem": "3.0.101-108.117.1",
            "kernel-pae-base": "3.0.101-108.117.1",
            "kernel-syms": "3.0.101-108.117.1",
            "kernel-bigmem-base": "3.0.101-108.117.1",
            "kernel-pae": "3.0.101-108.117.1",
            "kernel-ppc64-devel": "3.0.101-108.117.1",
            "kernel-ec2-devel": "3.0.101-108.117.1",
            "kernel-ppc64-base": "3.0.101-108.117.1",
            "kernel-trace-devel": "3.0.101-108.117.1",
            "kernel-trace": "3.0.101-108.117.1",
            "kernel-ec2-base": "3.0.101-108.117.1",
            "kernel-ppc64": "3.0.101-108.117.1",
            "kernel-xen-base": "3.0.101-108.117.1",
            "kernel-xen-devel": "3.0.101-108.117.1",
            "kernel-bigmem-devel": "3.0.101-108.117.1",
            "kernel-trace-base": "3.0.101-108.117.1",
            "kernel-default-devel": "3.0.101-108.117.1",
            "kernel-pae-devel": "3.0.101-108.117.1",
            "kernel-xen": "3.0.101-108.117.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-ec2

Package

Name
kernel-ec2
Purl
pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-108.117.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.117.1",
            "kernel-default-man": "3.0.101-108.117.1",
            "kernel-ec2": "3.0.101-108.117.1",
            "kernel-default": "3.0.101-108.117.1",
            "kernel-source": "3.0.101-108.117.1",
            "kernel-bigmem": "3.0.101-108.117.1",
            "kernel-pae-base": "3.0.101-108.117.1",
            "kernel-syms": "3.0.101-108.117.1",
            "kernel-bigmem-base": "3.0.101-108.117.1",
            "kernel-pae": "3.0.101-108.117.1",
            "kernel-ppc64-devel": "3.0.101-108.117.1",
            "kernel-ec2-devel": "3.0.101-108.117.1",
            "kernel-ppc64-base": "3.0.101-108.117.1",
            "kernel-trace-devel": "3.0.101-108.117.1",
            "kernel-trace": "3.0.101-108.117.1",
            "kernel-ec2-base": "3.0.101-108.117.1",
            "kernel-ppc64": "3.0.101-108.117.1",
            "kernel-xen-base": "3.0.101-108.117.1",
            "kernel-xen-devel": "3.0.101-108.117.1",
            "kernel-bigmem-devel": "3.0.101-108.117.1",
            "kernel-trace-base": "3.0.101-108.117.1",
            "kernel-default-devel": "3.0.101-108.117.1",
            "kernel-pae-devel": "3.0.101-108.117.1",
            "kernel-xen": "3.0.101-108.117.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-pae

Package

Name
kernel-pae
Purl
pkg:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-108.117.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.117.1",
            "kernel-default-man": "3.0.101-108.117.1",
            "kernel-ec2": "3.0.101-108.117.1",
            "kernel-default": "3.0.101-108.117.1",
            "kernel-source": "3.0.101-108.117.1",
            "kernel-bigmem": "3.0.101-108.117.1",
            "kernel-pae-base": "3.0.101-108.117.1",
            "kernel-syms": "3.0.101-108.117.1",
            "kernel-bigmem-base": "3.0.101-108.117.1",
            "kernel-pae": "3.0.101-108.117.1",
            "kernel-ppc64-devel": "3.0.101-108.117.1",
            "kernel-ec2-devel": "3.0.101-108.117.1",
            "kernel-ppc64-base": "3.0.101-108.117.1",
            "kernel-trace-devel": "3.0.101-108.117.1",
            "kernel-trace": "3.0.101-108.117.1",
            "kernel-ec2-base": "3.0.101-108.117.1",
            "kernel-ppc64": "3.0.101-108.117.1",
            "kernel-xen-base": "3.0.101-108.117.1",
            "kernel-xen-devel": "3.0.101-108.117.1",
            "kernel-bigmem-devel": "3.0.101-108.117.1",
            "kernel-trace-base": "3.0.101-108.117.1",
            "kernel-default-devel": "3.0.101-108.117.1",
            "kernel-pae-devel": "3.0.101-108.117.1",
            "kernel-xen": "3.0.101-108.117.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-ppc64

Package

Name
kernel-ppc64
Purl
pkg:rpm/suse/kernel-ppc64&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-108.117.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.117.1",
            "kernel-default-man": "3.0.101-108.117.1",
            "kernel-ec2": "3.0.101-108.117.1",
            "kernel-default": "3.0.101-108.117.1",
            "kernel-source": "3.0.101-108.117.1",
            "kernel-bigmem": "3.0.101-108.117.1",
            "kernel-pae-base": "3.0.101-108.117.1",
            "kernel-syms": "3.0.101-108.117.1",
            "kernel-bigmem-base": "3.0.101-108.117.1",
            "kernel-pae": "3.0.101-108.117.1",
            "kernel-ppc64-devel": "3.0.101-108.117.1",
            "kernel-ec2-devel": "3.0.101-108.117.1",
            "kernel-ppc64-base": "3.0.101-108.117.1",
            "kernel-trace-devel": "3.0.101-108.117.1",
            "kernel-trace": "3.0.101-108.117.1",
            "kernel-ec2-base": "3.0.101-108.117.1",
            "kernel-ppc64": "3.0.101-108.117.1",
            "kernel-xen-base": "3.0.101-108.117.1",
            "kernel-xen-devel": "3.0.101-108.117.1",
            "kernel-bigmem-devel": "3.0.101-108.117.1",
            "kernel-trace-base": "3.0.101-108.117.1",
            "kernel-default-devel": "3.0.101-108.117.1",
            "kernel-pae-devel": "3.0.101-108.117.1",
            "kernel-xen": "3.0.101-108.117.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-108.117.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.117.1",
            "kernel-default-man": "3.0.101-108.117.1",
            "kernel-ec2": "3.0.101-108.117.1",
            "kernel-default": "3.0.101-108.117.1",
            "kernel-source": "3.0.101-108.117.1",
            "kernel-bigmem": "3.0.101-108.117.1",
            "kernel-pae-base": "3.0.101-108.117.1",
            "kernel-syms": "3.0.101-108.117.1",
            "kernel-bigmem-base": "3.0.101-108.117.1",
            "kernel-pae": "3.0.101-108.117.1",
            "kernel-ppc64-devel": "3.0.101-108.117.1",
            "kernel-ec2-devel": "3.0.101-108.117.1",
            "kernel-ppc64-base": "3.0.101-108.117.1",
            "kernel-trace-devel": "3.0.101-108.117.1",
            "kernel-trace": "3.0.101-108.117.1",
            "kernel-ec2-base": "3.0.101-108.117.1",
            "kernel-ppc64": "3.0.101-108.117.1",
            "kernel-xen-base": "3.0.101-108.117.1",
            "kernel-xen-devel": "3.0.101-108.117.1",
            "kernel-bigmem-devel": "3.0.101-108.117.1",
            "kernel-trace-base": "3.0.101-108.117.1",
            "kernel-default-devel": "3.0.101-108.117.1",
            "kernel-pae-devel": "3.0.101-108.117.1",
            "kernel-xen": "3.0.101-108.117.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-108.117.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.117.1",
            "kernel-default-man": "3.0.101-108.117.1",
            "kernel-ec2": "3.0.101-108.117.1",
            "kernel-default": "3.0.101-108.117.1",
            "kernel-source": "3.0.101-108.117.1",
            "kernel-bigmem": "3.0.101-108.117.1",
            "kernel-pae-base": "3.0.101-108.117.1",
            "kernel-syms": "3.0.101-108.117.1",
            "kernel-bigmem-base": "3.0.101-108.117.1",
            "kernel-pae": "3.0.101-108.117.1",
            "kernel-ppc64-devel": "3.0.101-108.117.1",
            "kernel-ec2-devel": "3.0.101-108.117.1",
            "kernel-ppc64-base": "3.0.101-108.117.1",
            "kernel-trace-devel": "3.0.101-108.117.1",
            "kernel-trace": "3.0.101-108.117.1",
            "kernel-ec2-base": "3.0.101-108.117.1",
            "kernel-ppc64": "3.0.101-108.117.1",
            "kernel-xen-base": "3.0.101-108.117.1",
            "kernel-xen-devel": "3.0.101-108.117.1",
            "kernel-bigmem-devel": "3.0.101-108.117.1",
            "kernel-trace-base": "3.0.101-108.117.1",
            "kernel-default-devel": "3.0.101-108.117.1",
            "kernel-pae-devel": "3.0.101-108.117.1",
            "kernel-xen": "3.0.101-108.117.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-trace

Package

Name
kernel-trace
Purl
pkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-108.117.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.117.1",
            "kernel-default-man": "3.0.101-108.117.1",
            "kernel-ec2": "3.0.101-108.117.1",
            "kernel-default": "3.0.101-108.117.1",
            "kernel-source": "3.0.101-108.117.1",
            "kernel-bigmem": "3.0.101-108.117.1",
            "kernel-pae-base": "3.0.101-108.117.1",
            "kernel-syms": "3.0.101-108.117.1",
            "kernel-bigmem-base": "3.0.101-108.117.1",
            "kernel-pae": "3.0.101-108.117.1",
            "kernel-ppc64-devel": "3.0.101-108.117.1",
            "kernel-ec2-devel": "3.0.101-108.117.1",
            "kernel-ppc64-base": "3.0.101-108.117.1",
            "kernel-trace-devel": "3.0.101-108.117.1",
            "kernel-trace": "3.0.101-108.117.1",
            "kernel-ec2-base": "3.0.101-108.117.1",
            "kernel-ppc64": "3.0.101-108.117.1",
            "kernel-xen-base": "3.0.101-108.117.1",
            "kernel-xen-devel": "3.0.101-108.117.1",
            "kernel-bigmem-devel": "3.0.101-108.117.1",
            "kernel-trace-base": "3.0.101-108.117.1",
            "kernel-default-devel": "3.0.101-108.117.1",
            "kernel-pae-devel": "3.0.101-108.117.1",
            "kernel-xen": "3.0.101-108.117.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4-LTSS / kernel-xen

Package

Name
kernel-xen
Purl
pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-108.117.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-108.117.1",
            "kernel-default-man": "3.0.101-108.117.1",
            "kernel-ec2": "3.0.101-108.117.1",
            "kernel-default": "3.0.101-108.117.1",
            "kernel-source": "3.0.101-108.117.1",
            "kernel-bigmem": "3.0.101-108.117.1",
            "kernel-pae-base": "3.0.101-108.117.1",
            "kernel-syms": "3.0.101-108.117.1",
            "kernel-bigmem-base": "3.0.101-108.117.1",
            "kernel-pae": "3.0.101-108.117.1",
            "kernel-ppc64-devel": "3.0.101-108.117.1",
            "kernel-ec2-devel": "3.0.101-108.117.1",
            "kernel-ppc64-base": "3.0.101-108.117.1",
            "kernel-trace-devel": "3.0.101-108.117.1",
            "kernel-trace": "3.0.101-108.117.1",
            "kernel-ec2-base": "3.0.101-108.117.1",
            "kernel-ppc64": "3.0.101-108.117.1",
            "kernel-xen-base": "3.0.101-108.117.1",
            "kernel-xen-devel": "3.0.101-108.117.1",
            "kernel-bigmem-devel": "3.0.101-108.117.1",
            "kernel-trace-base": "3.0.101-108.117.1",
            "kernel-default-devel": "3.0.101-108.117.1",
            "kernel-pae-devel": "3.0.101-108.117.1",
            "kernel-xen": "3.0.101-108.117.1"
        }
    ]
}