180 matches found
SUSE-SU-2021:2184-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-26558: Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 may permit a nearby man-in-the-middle attacker to identify the Passkey...
MGASA-2021-0283 Updated kernel-linus packages fix security and other issues
The kernel-linus update in MGASA-2021-0258 contained some security fixes that caused regressions in at least some container and chroot setups. This update provides upstream 5.10.45 that adds follow-up fixes to resolve the regressions and other various security-related and other bugfixes. For more...
MGASA-2021-0214 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.10.37 and fixes at least the following security issues: It was discovered that the iouring implementation of the Linux kernel did not properly enforce the MAXRWCOUNT limit in some situations. A local attacker could use this to cause a denial of service...
MGASA-2021-0174 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.10.27 and fixes at least the following security issues: The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions...
MGASA-2021-0152 Updated kernel-linus packages fix security issues
This kernel-linus update is based on upstream 5.10.25 and fixes at least the following security issues: A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRMIOCTLNOUVEAUCHANNELALLOC. This...
MGASA-2021-0117 Updated kernel packages fix security issues and possible filesystem corruption
This kernel update is based on upstream 5.10.20 and fixes at least the following security issues: A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRMIOCTLNOUVEAUCHANNELALLOC. This flaw...
MGASA-2021-0099 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.10.19 and fixes at least the following security issues: There is a vulnerability in the linux kernel versions higher than 5.2 if kernel compiled with config params CONFIGBPFSYSCALL=y, CONFIGBPF=y, CONFIGCGROUPS=y, CONFIGCGROUPBPF=y, CONFIGHARDENEDUSERCOPY...
MGASA-2021-0101 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.10.19 and fixes at least the following security issues: An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An...
MGASA-2021-0085 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.14 and fixes at least the following security issues: nbdaddsocket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndbqueuerq use-after-free that could be triggered by local attackers with access to the nbd device via an I/O...
MGASA-2021-0061 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.10.12 and fixes at least the following security issues: fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPL...
MGASA-2021-0047 Updated kernel packages fix security vulnerability
This kernel update is based on upstream 5.10.8 and fixes at least the following security issue: SCSI “EXTENDED COPY” XCOPY requests sent to a Linux SCSI target LIO allow an attacker to read or write anywhere on any LIO backstore configured on the host, provided the attacker has access to one LUN...
SUSE-SU-2020:2605-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 realtime kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-14314: Fixed a potential negative array index in dosplit bsc1173798. - CVE-2020-14356: Fixed a null pointer dereference in cgroupv2 subsystem...
SUSE-SU-2020:2505-1 Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-19726 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgaconscroll bsc1174247. - CVE-2020-15780: Fixed a lockdown bypass via injection of malicious ACPI tables via configfs bsc1174186. -...
MGASA-2020-0333 Updated kernel packages fix security vulnerability
This provides an update to kernel 5.7 series, currently based on upstream 5.7.14 adding support for new hardware and features, and fixes at least the following security issues: An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aalabelparse fails in...
SUSE-SU-2020:1775-1 Security update for the Linux Kernel (Live Patch 0 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-120 fixes several issues. The following security issues were fixed: - CVE-2020-10757: Fixed an issue where remaping hugepage DAX to anon mmap could have caused user PTE access bsc1172437. - CVE-2018-1000199: Fixed a potential local code execution via ptrac...
SUSE-SU-2020:1758-1 Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP4)
This update for the Linux Kernel 4.12.14-9519 fixes several issues. The following security issues were fixed: - CVE-2020-10757: Fixed an issue where remaping hugepage DAX to anon mmap could have caused user PTE access bsc1172437. - CVE-2019-15666: Fixed an out of bounds read xfrmpolicyunlink, whi...
SUSE-SU-2020:1656-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-195 fixes several issues. The following security issues were fixed: - CVE-2019-13233: Fixed a race condition between modifyldt and a BR exception for an MPX bounds violation bsc1144502. - CVE-2020-10757: Fixed an issue where remaping hugepage DAX to anon...
MGASA-2020-0228 Updated kernel-linus packages fix security vulnerabilities
This update is based on the upstream 5.6.14 kernel and fixes at least the following security issues: A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option CIPSO protocol's catego...
MGASA-2020-0201 Updated kernel packages fix security vulnerabilities
This update is based on the upstream 5.6.8 kernel and fixes at least the following security issues: usbsgcancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a referenceCVE-2020-12464. An issue was discovered in the Linux...
MGASA-2020-0184 Updated kernel-linus packages fix security vulnerabilities
This provides an update to kernel 5.6 series, currently based on upstream 5.6.6 adding support for new hardware and features, and fixes at least the following security issues: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lea...