Lucene search

K
oraclelinux
OracleLinuxELSA-2020-5805
HistoryAug 10, 2020 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2020-08-1000:00:00
linux.oracle.com
49

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

[5.4.17-2011.5.3uek]

  • misc: pvpanic: add crash loaded event (zhenwei pi) [Orabug: 31677096]
  • misc: pvpanic: move bit definition to uapi header file (zhenwei pi) [Orabug: 31677096]
  • RDMA/netlink: Do not always generate an ACK for some netlink operations (Hakon Bugge) [Orabug: 31666971]
  • bnxt_en: Fix statistics counters issue during ifdown with older firmware. (Michael Chan) [Orabug: 31660919]
  • bnxt_en: Do not enable legacy TX push on older firmware. (Michael Chan) [Orabug: 31660919]
  • bnxt_en: Store the running firmware version code. (Michael Chan) [Orabug: 31660919]
  • uek-rpm: Disable secureboot signing for OL7 aarch64 (Somasundaram Krishnasamy) [Orabug: 31645596]
  • PCI: pciehp: Fix indefinite wait on sysfs requests (Lukas Wunner) [Orabug: 31580249]
  • x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. (Anthony Steinhauser) [Orabug: 31557802] {CVE-2020-10767}
  • fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (Alexander Potapenko) [Orabug: 31350635] {CVE-2020-10732}
  • rds/ib: Make i_{recv,send}_hdrs non-contigious (Hans Westgaard Ry) [Orabug: 31648239]
  • uek-rpm: disable CONFIG_CRYPTO_DEV_CAVIUM_ZIP (Dave Kleikamp) [Orabug: 31667368]
  • vfio-pci: protect remap_pfn_range() from simultaneous calls (Ankur Arora) [Orabug: 31663628] {CVE-2020-12888} {CVE-2020-12888}
  • uek-rpm: drivers: enable VMD PCIe controller (Todd Vierling) [Orabug: 31636283]
  • Revert ‘uek-rpm: Move grub boot menu update to posttrans stage.’ (Somasundaram Krishnasamy) [Orabug: 31689621]
  • IB/sa: Resolv use-after-free in ib_nl_make_request() (Divya Indi) [Orabug: 31689703]
  • certs: Remove Oracle cert compiled into the kernel (Eric Snowberg) [Orabug: 31689566]
    [5.4.17-2011.5.2uek]
  • drm/i915/gt: Correct mistake in cherry-pick (Jack Vogel) [Orabug: 31211659]
  • efi/x86: Add TPM related EFI tables to unencrypted mapping checks (Tom Lendacky) [Orabug: 31627285]
  • ocfs2: change slot number type s16 to u16 (Junxiao Bi) [Orabug: 31480603]
  • ocfs2: fix value of OCFS2_INVALID_SLOT (Junxiao Bi) [Orabug: 31480603]
  • ocfs2: fix panic on nfs server over ocfs2 (Junxiao Bi) [Orabug: 31480603]
  • ocfs2: load global_inode_alloc (Junxiao Bi) [Orabug: 31480603]
  • ocfs2: avoid inode removal while nfsd is accessing it (Junxiao Bi) [Orabug: 31480603]
  • scsi: qla2xxx: Fix a condition in qla2x00_find_all_fabric_devs() (Dan Carpenter) [Orabug: 31610239]
  • scsi: qla2xxx: Keep initiator ports after RSCN (Roman Bolshakov) [Orabug: 31610239]
  • scsi: qla2xxx: Set NVMe status code for failed NVMe FCP request (Daniel Wagner) [Orabug: 31610239]
  • scsi: qla2xxx: Remove return value from qla_nvme_ls() (Daniel Wagner) [Orabug: 31610239]
  • scsi: qla2xxx: Remove an unused function (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Fix endianness annotations in source files (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Fix endianness annotations in header files (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Use make_handle() instead of open-coding it (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Cast explicitly to uint16_t / uint32_t (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Change {RD,WRT}REG*() function names from upper case into lower case (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Fix the code that reads from mailbox registers (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Use register names instead of register offsets (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Change two hardcoded constants into offsetof() / sizeof() expressions (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Increase the size of struct qla_fcp_prio_cfg to FCP_PRIO_CFG_SIZE (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Make a gap in struct qla2xxx_offld_chain explicit (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Add more BUILD_BUG_ON() statements (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Sort BUILD_BUG_ON() statements alphabetically (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Simplify the functions for dumping firmware (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Fix spelling of a variable name (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Make qlafx00_process_aen() return void (Jason Yan) [Orabug: 31610239]
  • scsi: qla2xxx: Use true, false for ha->fw_dumped (Jason Yan) [Orabug: 31610239]
  • scsi: qla2xxx: Use true, false for need_mpi_reset (Jason Yan) [Orabug: 31610239]
  • scsi: qla2xxx: Make qla_set_ini_mode() return void (Jason Yan) [Orabug: 31610239]
  • scsi: qla2xxx: Fix failure message in qlt_disable_vha() (Viacheslav Dubeyko) [Orabug: 31610239]
  • scsi: qla2xxx: make 1-bit bit-fields unsigned int (Colin Ian King) [Orabug: 31610239]
  • scsi: qla2xxx: Fix MPI failure AEN (8200) handling (Arun Easi) [Orabug: 31610239]
  • scsi: qla2xxx: Use ARRAY_SIZE() instead of open-coding it (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Split qla2x00_configure_local_loop() (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Fix regression warnings (Nilesh Javali) [Orabug: 31610239]
  • scsi: qla2xxx: Remove non functional code (Daniel Wagner) [Orabug: 31610239]
  • scsi: qla2xxx: Fix I/Os being passed down when FC device is being deleted (Arun Easi) [Orabug: 31610239]
  • scsi: qla2xxx: add ring buffer for tracing debug logs (Rajan Shanmugavelu) [Orabug: 31610239]
  • scsi: qla2xxx: Update driver version to 10.01.00.25-k (Himanshu Madhani) [Orabug: 31610239]
  • scsi: qla2xxx: Set Nport ID for N2N (Quinn Tran) [Orabug: 31610239]
  • scsi: qla2xxx: Handle NVME status iocb correctly (Arun Easi) [Orabug: 31610239]
  • scsi: qla2xxx: Remove restriction of FC T10-PI and FC-NVMe (Quinn Tran) [Orabug: 31610239]
  • scsi: qla2xxx: Serialize fc_port alloc in N2N (Quinn Tran) [Orabug: 31610239]
  • scsi: qla2xxx: Fix NPIV instantiation after FW dump (Quinn Tran) [Orabug: 31610239]
  • scsi: qla2xxx: Fix RDP respond data format (Quinn Tran) [Orabug: 31610239]
  • scsi: qla2xxx: Force semaphore on flash validation failure (Quinn Tran) [Orabug: 31610239]
  • scsi: qla2xxx: add more FW debug information (Quinn Tran) [Orabug: 31610239]
  • scsi: qla2xxx: Update BPM enablement semantics. (Andrew Vasquez) [Orabug: 31610239]
  • scsi: qla2xxx: fix FW resource count values (Quinn Tran) [Orabug: 31610239]
  • scsi: qla2xxx: Use a dedicated interrupt handler for ‘handshake-required’ ISPs (Andrew Vasquez) [Orabug: 31610239]
  • scsi: qla2xxx: Return appropriate failure through BSG Interface (Michael Hernandez) [Orabug: 31610239]
  • scsi: qla2xxx: Improved secure flash support messages (Michael Hernandez) [Orabug: 31610239]
  • scsi: qla2xxx: Fix FCP-SCSI FC4 flag passing error (Quinn Tran) [Orabug: 31610239]
  • scsi: qla2xxx: Use FC generic update firmware options routine for ISP27xx (Giridhar Malavali) [Orabug: 31610239]
  • scsi: qla2xxx: Avoid setting firmware options twice in 24xx_update_fw_options. (Giridhar Malavali) [Orabug: 31610239]
  • scsi: qla2xxx: Add 16.0GT for PCI String (Himanshu Madhani) [Orabug: 31610239]
  • scsi: qla2xxx: Convert MAKE_HANDLE() from a define into an inline function (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Fix sparse warnings triggered by the PCI state checking code (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Suppress endianness complaints in qla2x00_configure_local_loop() (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Simplify the code for aborting SCSI commands (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Fix sparse warning reported by kbuild bot (Himanshu Madhani) [Orabug: 31610239]
  • scsi: qla2xxx: Update driver version to 10.01.00.24-k (Himanshu Madhani) [Orabug: 31610239]
  • scsi: qla2xxx: Use QLA_FW_STOPPED macro to propagate flag (Himanshu Madhani) [Orabug: 31610239]
  • scsi: qla2xxx: Add fixes for mailbox command (Himanshu Madhani) [Orabug: 31610239]
  • scsi: qla2xxx: Fix control flags for login/logout IOCB (Himanshu Madhani) [Orabug: 31610239]
  • scsi: qla2xxx: Save rscn_gen for new fcport (Himanshu Madhani) [Orabug: 31610239]
  • scsi: qla2xxx: Use correct ISP28xx active FW region (Quinn Tran) [Orabug: 31610239]
  • scsi: qla2xxx: Print portname for logging in qla24xx_logio_entry() (Joe Carnuccio) [Orabug: 31610239]
  • scsi: qla2xxx: Fix qla2x00_echo_test() based on ISP type (Joe Carnuccio) [Orabug: 31610239]
  • scsi: qla2xxx: Correction to selection of loopback/echo test (Joe Carnuccio) [Orabug: 31610239]
  • scsi: qla2xxx: Use endian macros to assign static fields in fwdump header (Joe Carnuccio) [Orabug: 31610239]
  • scsi: qla2xxx: Fix RDP response size (Himanshu Madhani) [Orabug: 31610239]
  • scsi: qla2xxx: Handle cases for limiting RDP response payload length (Joe Carnuccio) [Orabug: 31610239]
  • scsi: qla2xxx: Add deferred queue for processing ABTS and RDP (Joe Carnuccio) [Orabug: 31610239]
  • scsi: qla2xxx: Cleanup ELS/PUREX iocb fields (Joe Carnuccio) [Orabug: 31610239]
  • scsi: qla2xxx: Show correct port speed capabilities for RDP command (Himanshu Madhani) [Orabug: 31610239]
  • scsi: qla2xxx: Display message for FCE enabled (Himanshu Madhani) [Orabug: 31610239]
  • scsi: qla2xxx: Add vendor extended FDMI commands (Joe Carnuccio) [Orabug: 31610239]
  • scsi: qla2xxx: Add ql2xrdpenable module parameter for RDP (Joe Carnuccio) [Orabug: 31610239]
  • scsi: qla2xxx: Add vendor extended RDP additions and amendments (Joe Carnuccio) [Orabug: 31610239]
  • scsi: qla2xxx: Add changes in preparation for vendor extended FDMI/RDP (Joe Carnuccio) [Orabug: 31610239]
  • scsi: qla2xxx: Add endianizer macro calls to fc host stats (Joe Carnuccio) [Orabug: 31610239]
  • scsi: qla2xxx: Add sysfs node for D-Port Diagnostics AEN data (Joe Carnuccio) [Orabug: 31610239]
  • scsi: qla2xxx: Add beacon LED config sysfs interface (Joe Carnuccio) [Orabug: 31610239]
  • scsi: qla2xxx: Check locking assumptions at runtime in qla2x00_abort_srb() (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Fix a NULL pointer dereference in an error path (Bart Van Assche) [Orabug: 31610239]
  • scsi: qla2xxx: Fix warning after FC target reset (Viacheslav Dubeyko) [Orabug: 31610239]
  • scsi: qla2xxx: Fix issue with adapters stopping state (Viacheslav Dubeyko) [Orabug: 31610239]
  • scsi: qla2xxx: Do not log message when reading port speed via sysfs (Ewan D. Milne) [Orabug: 31610239]
  • scsi: qla2xxx: Delete all sessions before unregister local nvme port (Quinn Tran) [Orabug: 31610239]
  • scsi: qla2xxx: check UNLOADING before posting async work (Martin Wilck) [Orabug: 31610239]
  • scsi: qla2xxx: set UNLOADING before waiting for session deletion (Martin Wilck) [Orabug: 31610239]
  • x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned (Tony Luck) [Orabug: 31601130]
  • uek-rpm: aarch64: Streamline building 4K pages size kernel (Dave Kleikamp) [Orabug: 31500678]
  • kernel/relay.c: handle alloc_percpu returning NULL in relay_open (Daniel Axtens) [Orabug: 31183397] {CVE-2019-19462}
    [5.4.17-2011.5.1uek]
  • x86/microcode: do not modify sibling mask during late update (Mihai Carabas) [Orabug: 31605044]
  • x86/speculation: Prevent rogue cross-process SSBD shutdown (Anthony Steinhauser) [Orabug: 31557900] {CVE-2020-10768}
  • x86/kvm/hyper-v: move VMX controls sanitization out of nested_enable_evmcs() (Vitaly Kuznetsov) [Orabug: 31553477]
  • x86/kvm/hyper-v: remove stale evmcs_already_enabled check from nested_enable_evmcs() (Vitaly Kuznetsov) [Orabug: 31553477]
  • USB: pci-quirks: Add Raspberry Pi 4 quirk (Nicolas Saenz Julienne) [Orabug: 31527659]
  • PCI: brcmstb: Wait for Raspberry Pis firmware when present (Nicolas Saenz Julienne) [Orabug: 31527659]
  • firmware: raspberrypi: Introduce vl805 init routine (Nicolas Saenz Julienne) [Orabug: 31527659]
  • soc: bcm2835: Add notify xHCI reset property (Nicolas Saenz Julienne) [Orabug: 31527659]
  • PCI: brcmstb: Disable L0s component of ASPM if requested (Jim Quinlan) [Orabug: 31527659]
  • PCI: brcmstb: Fix window register offset from 4 to 8 (Jim Quinlan) [Orabug: 31527659]
  • PCI: brcmstb: Dont clk_put() a managed clock (Jim Quinlan) [Orabug: 31527659]
  • PCI: brcmstb: Assert fundamental reset on initialization (Nicolas Saenz Julienne) [Orabug: 31527659]
  • i2c: brcmstb: Fix handling of optional interrupt (Dave Stevenson) [Orabug: 31527659]
  • ARM: dts: bcm283x: Disable dsi0 node (Nicolas Saenz Julienne) [Orabug: 31527659]
  • pwm: bcm2835: Dynamically allocate base (Florian Fainelli) [Orabug: 31527659]
  • ARM: bcm2835_defconfig: Enable fixed-regulator (Nicolas Saenz Julienne) [Orabug: 31527659]
  • ARM: dts: bcm2711: Add vmmc regulator in emmc2 (Nicolas Saenz Julienne) [Orabug: 31527659]
  • ARM: dts: bcm2711: Update expgpios GPIO labels (Nicolas Saenz Julienne) [Orabug: 31527659]
  • i2c: drivers: Use generic definitions for bus frequencies (Andy Shevchenko) [Orabug: 31527659]
  • i2c: core: Provide generic definitions for bus frequencies (Andy Shevchenko) [Orabug: 31527659]
  • mmc: sdhci: iproc: Add custom set_power() callback for bcm2711 (Nicolas Saenz Julienne) [Orabug: 31527659]
  • mmc: sdhci: am654: Use sdhci_set_power_and_voltage() (Nicolas Saenz Julienne) [Orabug: 31527659]
  • mmc: sdhci: at91: Use sdhci_set_power_and_voltage() (Nicolas Saenz Julienne) [Orabug: 31527659]
  • mmc: sdhci: arasan: Use sdhci_set_power_and_voltage() (Nicolas Saenz Julienne) [Orabug: 31527659]
  • mmc: sdhci: Introduce sdhci_set_power_and_bus_voltage() (Nicolas Saenz Julienne) [Orabug: 31527659]
  • irqchip/bcm2835: Quiesce IRQs left enabled by bootloader (Lukas Wunner) [Orabug: 31527659]
  • usb: xhci: Enable LPM for VIA LABS VL805 (Nicolas Saenz Julienne) [Orabug: 31527659]
  • arm64: bcm2835: Drop select of nonexistent HAVE_ARM_ARCH_TIMER (Geert Uytterhoeven) [Orabug: 31527659]
  • ARM: dts: bcm2711: Move emmc2 into its own bus (Nicolas Saenz Julienne) [Orabug: 31527659]
  • ARM: dts: bcm2711-rpi-4-b: Add SoC GPIO labels (Stefan Wahren) [Orabug: 31527659]
  • ARM: bcm2835_defconfig: add support for Raspberry Pi4 (Marek Szyprowski) [Orabug: 31527659]
  • ARM: bcm2835_defconfig: Explicitly restore CONFIG_DEBUG_FS (Stefan Wahren) [Orabug: 31527659]
  • ARM: dts: bcm2711: Add pcie0 alias (Nicolas Saenz Julienne) [Orabug: 31527659]
  • ARM: dts: bcm283x: Add missing properties to the PWR LED (Stefan Wahren) [Orabug: 31527659]
  • PCI: brcmstb: Fix build on 32bit ARM platforms with older compilers (Marek Szyprowski) [Orabug: 31527659]
  • net: bcmgenet: Clear ID_MODE_DIS in EXT_RGMII_OOB_CTRL when not needed (Nicolas Saenz Julienne) [Orabug: 31527659]
  • net: bcmgenet: reduce severity of missing clock warnings (Jeremy Linton) [Orabug: 31527659]
  • pinctrl: bcm2835: Add support for all GPIOs on BCM2711 (Stefan Wahren) [Orabug: 31527659]
  • pinctrl: bcm2835: Refactor platform data (Stefan Wahren) [Orabug: 31527659]
  • pinctrl: bcm2835: Drop unused define (Stefan Wahren) [Orabug: 31527659]
  • dma-contiguous: CMA: give precedence to cmdline (Nicolas Saenz Julienne) [Orabug: 31527659]
  • dt-bindings: brcm,avs-ro-thermal: Fix binding check issues (Stefan Wahren) [Orabug: 31527659]
  • dt-bindings: Add Broadcom AVS RO thermal (Stefan Wahren) [Orabug: 31527659]
  • serial: 8250_bcm2835aux: Document struct bcm2835aux_data (Lukas Wunner) [Orabug: 31527659]
  • serial: 8250_bcm2835aux: Use generic remapping code (Lukas Wunner) [Orabug: 31527659]
  • serial: 8250_bcm2835aux: Allocate uart_8250_port on stack (Lukas Wunner) [Orabug: 31527659]
  • serial: 8250_bcm2835aux: Suppress register_port error on -EPROBE_DEFER (Lukas Wunner) [Orabug: 31527659]
  • serial: 8250_bcm2835aux: Suppress clk_get error on -EPROBE_DEFER (Phil Elwell) [Orabug: 31527659]
  • spi: bcm2835: Raise maximum number of slaves to 4 (Lukas Wunner) [Orabug: 31527659]
  • Bluetooth: hci_bcm: Drive RTS only for BCM43438 (Stefan Wahren) [Orabug: 31527659]
  • Bluetooth: hci_bcm: Add device-tree compatible for BCM4329 (Dmitry Osipenko) [Orabug: 31527659]
  • iommu/dma: Rationalise types for DMA masks (Robin Murphy) [Orabug: 31527659]
  • hwrng: iproc-rng200 - Add support for BCM2711 (Stefan Wahren) [Orabug: 31527659]
  • dt-bindings: rng: add BCM2711 RNG compatible (Stefan Wahren) [Orabug: 31527659]
  • Bluetooth: hci_bcm: Support pcm params in dts (Abhishek Pandit-Subedi) [Orabug: 31527659]
  • Bluetooth: btbcm: Support pcm configuration (Abhishek Pandit-Subedi) [Orabug: 31527659]
  • Bluetooth: hci_bcm: Disallow set_baudrate for BCM4354 (Abhishek Pandit-Subedi) [Orabug: 31527659]
  • Bluetooth: btbcm: Add entry for BCM4335A0 UART bluetooth (Mohammad Rasim) [Orabug: 31527659]
  • Bluetooth: hci_bcm: Add compatible string for BCM43540 (Abhishek Pandit-Subedi) [Orabug: 31527659]
  • iommu/dma-iommu: Use the dev->coherent_dma_mask (Tom Murphy) [Orabug: 31527659]
  • KEYS: Increase system_extra_certificate size to 8192 bytes (Stephen Brennan) [Orabug: 31512725]
  • vfio/pci: Fix SR-IOV VF handling with MMIO blocking (Alex Williamson) [Orabug: 31439668] {CVE-2020-12888}
  • vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (Alex Williamson) [Orabug: 31439668] {CVE-2020-12888} {CVE-2020-12888}
  • vfio-pci: Fault mmaps to enable vma tracking (Alex Williamson) [Orabug: 31439668] {CVE-2020-12888}
  • vfio/type1: Support faulting PFNMAP vmas (Alex Williamson) [Orabug: 31439668] {CVE-2020-12888}
  • vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() (Sean Christopherson) [Orabug: 31439668] {CVE-2020-12888}
  • scsi: smartpqi: Use scnprintf() for avoiding potential buffer overflow (Takashi Iwai) [Orabug: 31595670]
    [5.4.17-2011.5.0uek]
  • ctf: support ld --ctf-variables, if available (Nick Alcock) [Orabug: 31535069]
  • ctf: adjust to upcoming binutils ctf_link_add_ctf API change (Nick Alcock) [Orabug: 31535069]
  • bpf: Fix up bpf_skb_adjust_room helpers skb csum setting (Daniel Borkmann) [Orabug: 31519461]
  • aarch64: Enable thermal config for RPi4 (Vijay Kumar) [Orabug: 31518062]
  • thermal: Add BCM2711 thermal driver (Stefan Wahren) [Orabug: 31518062]
  • x86/mitigations: reset default value for srbds_mitigation (Mihai Carabas) [Orabug: 31515046]
  • x86/cpu: clear X86_BUG_SRBDS before late loading (Mihai Carabas) [Orabug: 31515046]
  • x86/mitigations: update MSRs on all CPUs for SRBDS (Mihai Carabas) [Orabug: 31515046]
  • acpi: disallow loading configfs acpi tables when locked down (Jason A. Donenfeld) [Orabug: 31493185]
  • media: rc: prevent memory leak in cx23888_ir_probe (Navid Emamdoost) [Orabug: 31351669] {CVE-2019-19054}
How to protect your server from attacks?

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

Related for ELSA-2020-5805