CVE-2020-27673

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service host OS hang via a high rate of events to dom0, aka CID-e99502f76271...

CVE-2020-27194

An issue was discovered in the Linux kernel before 5.8.15. scalar32minmaxor in kernel/bpf/verifier.c mishandles bounds tracking during use of 64-bit values, aka CID-5b9fbeb75b6a...

CVE-2020-10781

A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hotadd file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory and is not accounted for a user...

CVE-2020-25211

In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c, aka CID-1cc5ef91d2ff...

SUSE-SU-2020:2577-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bug was fixed: - CVE-2020-14386: Fixed a potential local privilege escalation via memory corruption bsc1176069...

SUSE-SU-2020:2506-1 Security update for the Linux Kernel (Live Patch 1 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-1227 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgaconscroll bsc1174247. - CVE-2020-15780: Fixed a lockdown bypass via injection of malicious ACPI tables via configfs bsc1174186. -...

SUSE-SU-2020:2499-1 Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3)

This update for the Linux Kernel 4.4.180-94116 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgaconscroll bsc1174247. - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c bsc1173659. - CVE-2020-11668: Fixed a memory...

SUSE-SU-2020:2498-1 Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP3)

This update for the Linux Kernel 4.4.180-94113 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgaconscroll bsc1174247. - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c bsc1173659. - CVE-2019-9458: Fixed a...

SUSE-SU-2020:2487-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-10135: Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may have allowed an...

MGASA-2020-0355 Updated kernel and kernel-linus packages fix security vulnerabilities

This update is based on the upstream 5.7.19 kernel and fixes at least the following security issue: In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in trymergefreespace ...

Code injection

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tssinvalidateiobitmap mishandling causes a loss of synchronization between the I/O bitmaps ...

SUSE-SU-2020:1587-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which...

CVE-2020-13974

An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if kascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case...

SUSE-SU-2020:1486-1 Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP2)

This update for the Linux Kernel 4.4.121-92129 fixes several issues. The following security issues were fixed: - CVE-2020-12653: Fixed a buffer overflow in mwifiexcmdappendvsietlv which could have allowed local users to gain privileges or cause a denial of service bsc1171254. - CVE-2020-12654:...

SUSE-SU-2020:14354-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-10942: In getrawsocket in drivers/vhost/net.c lacks validation of an skfamily field, which might allow attackers to trigger kernel stack corruption via...

SUSE-SU-2020:0558-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources bsc1163971. -...

MGASA-2020-0089 Updated kernel-linus packages fix security vulnerabilities

This update provides upstream 5.4.20, adding support for new hardware and features, and resolves at least the following security issues: In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This...

SUSE-SU-2019:3289-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 kernel-azure was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-19531: Fixed a use-after-free due to a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca bsc1158445. - CVE-2019-19543:...

SUSE-SU-2019:3258-1 Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP3)

This update for the Linux Kernel 4.4.178-9491 fixes several issues. The following security issues were fixed: - CVE-2018-20856: Fixed a use-after-free in block/blk-core.c due to improper error handling bsc1156331. - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper...

SUSE-SU-2019:3248-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-195 fixes several issues. The following security issues were fixed: - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship bsc1156321...