Lucene search

K
oraclelinuxOracleLinuxELSA-2020-5750
HistoryJul 08, 2020 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2020-07-0800:00:00
linux.oracle.com
28

6.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

[4.1.12-124.40.6]

  • ipv4: ipv4_default_advmss() should use route mtu (Eric Dumazet) [Orabug: 31563095]
  • net: ipv4: Refine the ipv4_default_advmss (Gao Feng) [Orabug: 31563095]
    [4.1.12-124.40.5]
  • Revert ‘bnxt_en: Remove busy poll logic in the driver.’ (Brian Maly) [Orabug: 28151475]
  • md: batch flush requests. (NeilBrown) [Orabug: 31332821]
  • ALSA: core: Fix card races between register and disconnect (Takashi Iwai) [Orabug: 31351891] {CVE-2019-15214}
  • media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner (Malcolm Priestley) [Orabug: 31352061] {CVE-2017-16538}
  • media: dvb-usb-v2: lmedm04: Improve logic checking of warm start (Malcolm Priestley) [Orabug: 31352061] {CVE-2017-16538}
  • atomic_open(): fix the handling of create_error (Al Viro) [Orabug: 31493395]
    [4.1.12-124.40.4]
  • media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (Tomas Bortoli) [Orabug: 31351119] {CVE-2019-19533}
  • NFS: Fix a performance regression in readdir (Trond Myklebust) [Orabug: 31409061]
    [4.1.12-124.40.3]
  • x86/speculation: Add Ivy Bridge to affected list (Josh Poimboeuf) [Orabug: 31475612] {CVE-2020-0543}
  • x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross) [Orabug: 31475612] {CVE-2020-0543}
  • x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross) [Orabug: 31475612] {CVE-2020-0543}
  • x86/cpu: Add ‘table’ argument to cpu_matches() (Mark Gross) [Orabug: 31475612] {CVE-2020-0543}
  • x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross) [Orabug: 31475612] {CVE-2020-0543}
  • x86/cpu: Rename cpu_data.x86_mask to cpu_data.x86_stepping (Jia Zhang) [Orabug: 31475612] {CVE-2020-0543}
    [4.1.12-124.40.2]
  • MCE: Restrict MCE banks to 6 on AMD platform (Zhenzhong Duan) [Orabug: 30000521]
  • can: peak_usb: fix slab info leak (Johan Hovold) [Orabug: 31351141] {CVE-2019-19534}
  • can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices (Tomas Bortoli) [Orabug: 31351250] {CVE-2019-19536}
  • xfs: fix freeze hung (Junxiao Bi) [Orabug: 31430876]
    [4.1.12-124.40.1]
  • iscsi_target: fix mismatch spinlock unlock (Junxiao Bi) [Orabug: 31202372]

6.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C