1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2020:2121-1

[SUSE-SU-2020:2121-1] Security update for the Linux Kernel

Severity Important
Affected Packages 20
CVEs 15
Info Packages References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-0305: In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1174462).
  • CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c where incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032 (bnc#1173567).
  • CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c where injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30 (bnc#1173573).
  • CVE-2020-15393: usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770 (bnc#1173514).
  • CVE-2020-12771: btree_gc_coalesce in drivers/md/bcache/btree.c had a deadlock if a coalescing operation fails (bnc#1171732).
  • CVE-2019-16746: net/wireless/nl80211.c did not check the length of variable elements in a beacon head, leading to a buffer overflow (bnc#1152107).
  • CVE-2020-12888: The VFIO PCI driver mishandled attempts to access disabled memory space (bnc#1171868).
  • CVE-2020-10769: A buffer over-read flaw was found in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allowed a local attacker with user privileges to cause a denial of service (bnc#1173265).
  • CVE-2020-10773: A kernel stack information leak on s390/s390x was fixed (bnc#1172999).
  • CVE-2020-14416: A race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c (bnc#1162002).
  • CVE-2020-10768: Indirect branch speculation could have been enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. (bnc#1172783).
  • CVE-2020-10766: Fixed Rogue cross-process SSBD shutdown, where a Linux scheduler logical bug allows an attacker to turn off the SSBD protection. (bnc#1172781).
  • CVE-2020-10767: Indirect Branch Prediction Barrier was force-disabled when STIBP is unavailable or enhanced IBRS is available. (bnc#1172782).
  • CVE-2020-13974: drivers/tty/vt/keyboard.c had an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. (bnc#1172775).
  • CVE-2019-20810: go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel did not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586 (bnc#1172458).

The following non-security bugs were fixed:

  • ACPI: PM: Avoid using power resources if there are none for D0 (bsc#1051510).
  • ALSA: es1688: Add the missed snd_card_free() (bsc#1051510).
  • bcache: Fix an error code in bch_dump_read() (git fixes (block drivers)).
  • block, bfq: add requeue-request hook (bsc#1104967 bsc#1171673).
  • block, bfq: postpone rq preparation to insert or merge (bsc#1104967 bsc#1171673).
  • block: remove QUEUE_FLAG_STACKABLE (git fixes (block drivers)).
  • block: sed-opal: fix sparse warning: convert __be64 data (git fixes (block drivers)).
  • btrfs: always wait on ordered extents at fsync time (bsc#1171761).
  • btrfs: clean up the left over logged_list usage (bsc#1171761).
  • btrfs: do not zero f_bavail if we have available space (bsc#1168081).
  • btrfs: fix list_add corruption and soft lockups in fsync (bsc#1171761).
  • btrfs: fix missing data checksums after a ranged fsync (msync) (bsc#1171761).
  • btrfs: fix missing file extent item for hole after ranged fsync (bsc#1171761).
  • btrfs: fix missing hole after hole punching and fsync when using NO_HOLES (bsc#1171761).
  • btrfs: fix missing semaphore unlock in btrfs_sync_file (bsc#1171761).
  • btrfs: fix rare chances for data loss when doing a fast fsync (bsc#1171761).
  • btrfs: Remove extra parentheses from condition in copy_items() (bsc#1171761).
  • btrfs: remove no longer used io_err from btrfs_log_ctx (bsc#1171761).
  • btrfs: remove no longer used logged range variables when logging extents (bsc#1171761).
  • btrfs: remove no longer used 'sync' member from transaction handle (bsc#1171761).
  • btrfs: remove remaing full_sync logic from btrfs_sync_file (bsc#1171761).
  • btrfs: remove the logged extents infrastructure (bsc#1171761).
  • btrfs: remove the wait ordered logic in the log_one_extent path (bsc#1171761).
  • btrfs: volumes: Remove ENOSPC-prone btrfs_can_relocate() (bsc#1171124).
  • CDC-ACM: heed quirk also in error handling (git-fixes).
  • cifs: get rid of unused parameter in reconn_setup_dfs_targets() (bsc#1144333).
  • cifs: handle hostnames that resolve to same ip in failover (bsc#1144333 bsc#1161016).
  • cifs: set up next DFS target before generic_ip_connect() (bsc#1144333 bsc#1161016).
  • clk: bcm2835: Fix return type of bcm2835_register_gate (bsc#1051510).
  • clk: clk-flexgen: fix clock-critical handling (bsc#1051510).
  • clk: sunxi: Fix incorrect usage of round_down() (bsc#1051510).
  • compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE (git fixes (block drivers)).
  • compat_ioctl: block: handle Persistent Reservations (git fixes (block drivers)).
  • copy_{to,from}_user(): consolidate object size checks (git fixes).
  • crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated (git-fixes).
  • dm btree: increase rebalance threshold in __rebalance2() (git fixes (block drivers)).
  • dm cache: fix a crash due to incorrect work item cancelling (git fixes (block drivers)).
  • dm crypt: fix benbi IV constructor crash if used in authenticated mode (git fixes (block drivers)).
  • dm: fix potential for q->make_request_fn NULL pointer (git fixes (block drivers)).
  • dm space map common: fix to ensure new block isn't already in use (git fixes (block drivers)).
  • dm: various cleanups to md->queue initialization code (git fixes).
  • dm verity fec: fix hash block number in verity_fec_decode (git fixes (block drivers)).
  • dm verity fec: fix memory leak in verity_fec_dtr (git fixes (block drivers)).
  • Drivers: hv: Change flag to write log level in panic msg to false (bsc#1170618).
  • drivers: soc: ti: knav_qmss_queue: Make knav_gp_range_ops static (bsc#1051510).
  • drm/dp_mst: Increase ACT retry timeout to 3s (bsc#1152472) * context changes
  • drm: encoder_slave: fix refcouting error for modules (bsc#1114279)
  • drm/mediatek: Check plane visibility in atomic_update (bsc#1152472) * context changes
  • drm/qxl: Use correct notify port address when creating cursor ring (bsc#1152472)
  • drm/radeon: fix double free (bsc#1152472)
  • drm/radeon: fix fb_div check in ni_init_smc_spll_table() (bsc#1152472)
  • e1000e: Disable TSO for buffer overrun workaround (bsc#1051510).
  • e1000e: Do not wake up the system via WOL if device wakeup is disabled (bsc#1051510).
  • EDAC/amd64: Read back the scrub rate PCI register on F15h (bsc#1114279).
  • evm: Check also if *tfm is an error pointer in init_desc() (bsc#1051510).
  • evm: Fix a small race in init_desc() (bsc#1051510).
  • extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()' (bsc#1051510).
  • gpiolib: Document that GPIO line names are not globally unique (bsc#1051510).
  • HID: sony: Fix for broken buttons on DS3 USB dongles (bsc#1051510).
  • ibmveth: Fix max MTU limit (bsc#1173428 ltc#186397).
  • ibmvnic: continue to init in CRQ reset returns H_CLOSED (bsc#1173280 ltc#185369).
  • ibmvnic: Flush existing work items before device removal (bsc#1065729).
  • ibmvnic: Harden device login requests (bsc#1170011 ltc#183538).
  • iio: buffer: Do not allow buffers without any channels enabled to be activated (bsc#1051510).
  • iio: pressure: bmp280: Tolerate IRQ before registering (bsc#1051510).
  • ima: Directly assign the ima_default_policy pointer to ima_rules (bsc#1051510).
  • ima: Fix ima digest hash table key calculation (bsc#1051510).
  • include/asm-generic/topology.h: guard cpumask_of_node() macro argument (bsc#1148868).
  • intel_idle: Graceful probe failure when MWAIT is disabled (bsc#1174115).
  • KVM: nVMX: Do not reread VMCS-agnostic state when switching VMCS (bsc#1114279).
  • KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02 (bsc#1114279).
  • kvm: x86: Fix L1TF mitigation for shadow MMU (bsc#1171904).
  • KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated (bsc#1171904).
  • KVM: x86: only do L1TF workaround on affected processors (bsc#1171904).
  • libceph: do not omit recovery_deletes in target_copy() (bsc#1173462).
  • livepatch: Apply vmlinux-specific KLP relocations early (bsc#1071995).
  • livepatch: Disallow vmlinux.ko (bsc#1071995).
  • livepatch: Make klp_apply_object_relocs static (bsc#1071995).
  • livepatch: Prevent module-specific KLP rela sections from referencing vmlinux symbols (bsc#1071995).
  • livepatch: Remove .klp.arch (bsc#1071995).
  • md: Avoid namespace collision with bitmap API (git fixes (block drivers)).
  • md: use memalloc scope APIs in mddev_suspend()/mddev_resume() (git fixes (block drivers)).
  • mmc: fix compilation of user API (bsc#1051510).
  • netfilter: connlabels: prefer static lock initialiser (git-fixes).
  • netfilter: ctnetlink: netns exit must wait for callbacks (bsc#1169795).
  • netfilter: not mark a spinlock as __read_mostly (git-fixes).
  • net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss() (bsc#1172484).
  • NFS: Fix an RCU lock leak in nfs4_refresh_delegation_stateid() (bsc#1170592).
  • NFSv4: Retry CLOSE and DELEGRETURN on NFS4ERR_OLD_STATEID (bsc#1170592).
  • nvme: check for NVME_CTRL_LIVE in nvme_report_ns_ids() (bcs#1171558 bsc#1159058).
  • nvme: do not update multipath disk information if the controller is down (bcs#1171558 bsc#1159058).
  • objtool: Clean instruction state before each function validation (bsc#1169514).
  • objtool: Ignore empty alternatives (bsc#1169514).
  • overflow: Fix -Wtype-limits compilation warnings (git fixes).
  • overflow.h: Add arithmetic shift helper (git fixes).
  • p54usb: add AirVasT USB stick device-id (bsc#1051510).
  • PCI: Allow pci_resize_resource() for devices on root bus (bsc#1051510).
  • PCI: Fix pci_register_host_bridge() device_register() error handling (bsc#1051510).
  • PCI: Program MPS for RCiEP devices (bsc#1051510).
  • PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port (bsc#1051510).
  • perf: Allocate context task_ctx_data for child event (git-fixes).
  • perf/cgroup: Fix perf cgroup hierarchy support (git-fixes).
  • perf: Copy parent's address filter offsets on clone (git-fixes).
  • perf/core: Add sanity check to deal with pinned event failure (git-fixes).
  • perf/core: Avoid freeing static PMU contexts when PMU is unregistered (git-fixes).
  • perf/core: Correct event creation with PERF_FORMAT_GROUP (git-fixes).
  • perf/core: Do not WARN() for impossible ring-buffer sizes (git-fixes).
  • perf/core: Fix bad use of igrab() (git fixes (dependent patch)).
  • perf/core: Fix crash when using HW tracing kernel filters (git-fixes).
  • perf/core: Fix ctx_event_type in ctx_resched() (git-fixes).
  • perf/core: Fix error handling in perf_event_alloc() (git-fixes).
  • perf/core: Fix exclusive events' grouping (git-fixes).
  • perf/core: Fix group scheduling with mixed hw and sw events (git-fixes).
  • perf/core: Fix impossible ring-buffer sizes warning (git-fixes).
  • perf/core: Fix locking for children siblings group read (git-fixes).
  • perf/core: Fix lock inversion between perf,trace,cpuhp (git-fixes (dependent patch for 18736eef1213)).
  • perf/core: Fix perf_event_read_value() locking (git-fixes).
  • perf/core: Fix perf_pmu_unregister() locking (git-fixes).
  • perf/core: Fix __perf_read_group_add() locking (git-fixes (dependent patch)).
  • perf/core: Fix perf_sample_regs_user() mm check (git-fixes).
  • perf/core: Fix possible Spectre-v1 indexing for ->aux_pages (git-fixes).
  • perf/core: Fix race between close() and fork() (git-fixes).
  • perf/core: Fix the address filtering fix (git-fixes).
  • perf/core: Fix use-after-free in uprobe_perf_close() (git-fixes).
  • perf/core: Force USER_DS when recording user stack data (git-fixes).
  • perf/core: Restore mmap record type correctly (git-fixes).
  • perf: Fix header.size for namespace events (git-fixes).
  • perf/ioctl: Add check for the sample_period value (git-fixes).
  • perf, pt, coresight: Fix address filters for vmas with non-zero offset (git-fixes).
  • perf: Return proper values for user stack errors (git-fixes).
  • perf/x86/amd: Constrain Large Increment per Cycle events (git-fixes).
  • perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise RIP validity (git-fixes).
  • perf/x86/amd/ibs: Fix sample bias for dispatched micro-ops (git-fixes).
  • perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h) (git-fixes).
  • perf/x86/amd/iommu: Make the 'amd_iommu_attr_groups' symbol static (git-fixes).
  • perf/x86/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3 PMCs (git-fixes stable).
  • perf/x86/amd/uncore: Set the thread mask for F17h L3 PMCs (git-fixes).
  • perf/x86/amd/uncore: Set ThreadMask and SliceMask for L3 Cache perf events (git-fixes stable).
  • perf/x86: Enable free running PEBS for REGS_USER/INTR (git-fixes).
  • perf/x86: Fix incorrect PEBS_REGS (git-fixes).
  • perf/x86/intel: Add generic branch tracing check to intel_pmu_has_bts() (git-fixes).
  • perf/x86/intel: Add proper condition to run sched_task callbacks (git-fixes).
  • perf/x86/intel/bts: Fix the use of page_private() (git-fixes).
  • perf/x86/intel: Fix PT PMI handling (git-fixes).
  • perf/x86/intel: Move branch tracing setup to the Intel-specific source file (git-fixes).
  • perf/x86/intel/uncore: Add Node ID mask (git-fixes).
  • perf/x86/intel/uncore: Fix PCI BDF address of M3UPI on SKX (git-fixes).
  • perf/x86/pt, coresight: Clean up address filter structure (git fixes (dependent patch)).
  • perf/x86/uncore: Fix event group support (git-fixes).
  • pid: Improve the comment about waiting in zap_pid_ns_processes (git fixes)).
  • pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()' (bsc#1051510).
  • pinctrl: imxl: Fix an error handling path in 'imx1_pinctrl_core_probe()' (bsc#1051510).
  • pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs (bsc#1051510).
  • pnp: Use list_for_each_entry() instead of open coding (git fixes).
  • powerpc/64s: Do not let DT CPU features set FSCR_DSCR (bsc#1065729).
  • powerpc/64s: Save FSCR to init_task.thread.fscr after feature init (bsc#1065729).
  • powerpc/xive: Clear the page tables for the ESB IO mapping (bsc#1085030).
  • power: supply: bq24257_charger: Replace depends on REGMAP_I2C with select (bsc#1051510).
  • power: supply: lp8788: Fix an error handling path in 'lp8788_charger_probe()' (bsc#1051510).
  • power: supply: smb347-charger: IRQSTAT_D is volatile (bsc#1051510).
  • raid5: remove gfp flags from scribble_alloc() (git fixes (block drivers)).
  • resolve KABI warning for perf-pt-coresight (git-fixes).
  • Revert 'bcache: ignore pending signals when creating gc and allocator thread' (git fixes (block drivers)).
  • Revert 'dm crypt: use WQ_HIGHPRI for the IO and crypt workqueues' (git fixes (block drivers)).
  • Revert 'tools lib traceevent: Remove unneeded qsort and uses memmove'
  • rpm/kernel-docs.spec.in: Require python-packaging for build.
  • s390/bpf: Maintain 8-byte stack alignment (bsc#1169194).
  • s390: fix syscall_get_error for compat processes (git-fixes).
  • s390/qdio: consistently restore the IRQ handler (git-fixes).
  • s390/qdio: lock device while installing IRQ handler (git-fixes).
  • s390/qdio: put thinint indicator after early error (git-fixes).
  • s390/qdio: tear down thinint indicator after early error (git-fixes).
  • s390/qeth: fix error handling for isolation mode cmds (git-fixes).
  • scsi: ibmvscsi: Do not send host info in adapter info MAD after LPM (bsc#1172759 ltc#184814).
  • scsi: qedf: Add port_id getter (bsc#1150660).
  • scsi: qla2xxx: Set NVMe status code for failed NVMe FCP request (bsc#1158983).
  • spi: dw: use 'smp_mb()' to avoid sending spi data error (bsc#1051510).
  • staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK (bsc#1051510).
  • staging: sm750fb: add missing case while setting FB_VISUAL (bsc#1051510).
  • SUNRPC: The TCP back channel mustn't disappear while requests are outstanding (bsc#1152624).
  • tracing: Fix event trigger to accept redundant spaces (git-fixes).
  • tty: n_gsm: Fix bogus i++ in gsm_data_kick (bsc#1051510).
  • tty: n_gsm: Fix SOF skipping (bsc#1051510).
  • tty: n_gsm: Fix waking up upper tty layer when room available (bsc#1051510).
  • usb: dwc2: gadget: move gadget resume after the core is in L0 state (bsc#1051510).
  • usb: gadget: lpc32xx_udc: do not dereference ep pointer before null check (bsc#1051510).
  • usb: gadget: udc: s3c2410_udc: Remove pointless NULL check in s3c2410_udc_nuke (bsc#1051510).
  • usb: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe() (bsc#1051510).
  • usb: musb: Fix runtime PM imbalance on error (bsc#1051510).
  • usb: musb: start session in resume for host port (bsc#1051510).
  • usb: serial: option: add Telit LE910C1-EUX compositions (bsc#1051510).
  • usb: serial: qcserial: add DW5816e QDL support (bsc#1051510).
  • usb: serial: usb_wwan: do not resubmit rx urb on fatal errors (bsc#1051510).
  • usb: serial: usb_wwan: do not resubmit rx urb on fatal errors (git-fixes).
  • virtio-blk: handle block_device_operations callbacks after hot unplug (git fixes (block drivers)).
  • vmxnet3: add geneve and vxlan tunnel offload support (bsc#1172484).
  • vmxnet3: add support to get/set rx flow hash (bsc#1172484).
  • vmxnet3: allow rx flow hash ops only when rss is enabled (bsc#1172484).
  • vmxnet3: avoid format strint overflow warning (bsc#1172484).
  • vmxnet3: prepare for version 4 changes (bsc#1172484).
  • vmxnet3: Remove always false conditional statement (bsc#1172484).
  • vmxnet3: remove redundant initialization of pointer 'rq' (bsc#1172484).
  • vmxnet3: remove unused flag 'rxcsum' from struct vmxnet3_adapter (bsc#1172484).
  • vmxnet3: Replace msleep(1) with usleep_range() (bsc#1172484).
  • vmxnet3: update to version 4 (bsc#1172484).
  • vmxnet3: use correct hdr reference when packet is encapsulated (bsc#1172484).
  • w1: omap-hdq: cleanup to add missing newline for some dev_dbg (bsc#1051510).
  • work around mvfs bug (bsc#1162063).
  • x86/cpu/amd: Make erratum #1054 a legacy erratum (bsc#1114279).
  • x86/events/intel/ds: Add PERF_SAMPLE_PERIOD into PEBS_FREERUNNING_FLAGS (git-fixes).
  • x86: Fix early boot crash on gcc-10, third try (bsc#1114279).
  • x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned (bsc#1172257).
  • x86/reboot/quirks: Add MacBook6,1 reboot quirk (bsc#1114279).
  • xfrm: fix error in comment (git fixes).
Package Affected Version
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=4 < 4.12.14-95.57.1
pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-12&sp=4 < 4.12.14-95.57.1
ID
SUSE-SU-2020:2121-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2020/suse-su-20202121-1/
Published
2020-08-04T13:18:16
(4 years ago)
Modified
2020-08-04T13:18:16
(4 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_2121-1.json
Suse URL for SUSE-SU-2020:2121-1 https://www.suse.com/support/update/announcement/2020/suse-su-20202121-1/
Suse E-Mail link for SUSE-SU-2020:2121-1 https://lists.suse.com/pipermail/sle-security-updates/2020-August/007219.html
Bugzilla SUSE Bug 1051510 https://bugzilla.suse.com/1051510
Bugzilla SUSE Bug 1065729 https://bugzilla.suse.com/1065729
Bugzilla SUSE Bug 1071995 https://bugzilla.suse.com/1071995
Bugzilla SUSE Bug 1085030 https://bugzilla.suse.com/1085030
Bugzilla SUSE Bug 1104967 https://bugzilla.suse.com/1104967
Bugzilla SUSE Bug 1114279 https://bugzilla.suse.com/1114279
Bugzilla SUSE Bug 1144333 https://bugzilla.suse.com/1144333
Bugzilla SUSE Bug 1148868 https://bugzilla.suse.com/1148868
Bugzilla SUSE Bug 1150660 https://bugzilla.suse.com/1150660
Bugzilla SUSE Bug 1152107 https://bugzilla.suse.com/1152107
Bugzilla SUSE Bug 1152472 https://bugzilla.suse.com/1152472
Bugzilla SUSE Bug 1152624 https://bugzilla.suse.com/1152624
Bugzilla SUSE Bug 1158983 https://bugzilla.suse.com/1158983
Bugzilla SUSE Bug 1159058 https://bugzilla.suse.com/1159058
Bugzilla SUSE Bug 1161016 https://bugzilla.suse.com/1161016
Bugzilla SUSE Bug 1162002 https://bugzilla.suse.com/1162002
Bugzilla SUSE Bug 1162063 https://bugzilla.suse.com/1162063
Bugzilla SUSE Bug 1168081 https://bugzilla.suse.com/1168081
Bugzilla SUSE Bug 1169194 https://bugzilla.suse.com/1169194
Bugzilla SUSE Bug 1169514 https://bugzilla.suse.com/1169514
Bugzilla SUSE Bug 1169795 https://bugzilla.suse.com/1169795
Bugzilla SUSE Bug 1170011 https://bugzilla.suse.com/1170011
Bugzilla SUSE Bug 1170592 https://bugzilla.suse.com/1170592
Bugzilla SUSE Bug 1170618 https://bugzilla.suse.com/1170618
Bugzilla SUSE Bug 1171124 https://bugzilla.suse.com/1171124
Bugzilla SUSE Bug 1171424 https://bugzilla.suse.com/1171424
Bugzilla SUSE Bug 1171558 https://bugzilla.suse.com/1171558
Bugzilla SUSE Bug 1171673 https://bugzilla.suse.com/1171673
Bugzilla SUSE Bug 1171732 https://bugzilla.suse.com/1171732
Bugzilla SUSE Bug 1171761 https://bugzilla.suse.com/1171761
Bugzilla SUSE Bug 1171868 https://bugzilla.suse.com/1171868
Bugzilla SUSE Bug 1171904 https://bugzilla.suse.com/1171904
Bugzilla SUSE Bug 1172257 https://bugzilla.suse.com/1172257
Bugzilla SUSE Bug 1172344 https://bugzilla.suse.com/1172344
Bugzilla SUSE Bug 1172458 https://bugzilla.suse.com/1172458
Bugzilla SUSE Bug 1172484 https://bugzilla.suse.com/1172484
Bugzilla SUSE Bug 1172759 https://bugzilla.suse.com/1172759
Bugzilla SUSE Bug 1172775 https://bugzilla.suse.com/1172775
Bugzilla SUSE Bug 1172781 https://bugzilla.suse.com/1172781
Bugzilla SUSE Bug 1172782 https://bugzilla.suse.com/1172782
Bugzilla SUSE Bug 1172783 https://bugzilla.suse.com/1172783
Bugzilla SUSE Bug 1172999 https://bugzilla.suse.com/1172999
Bugzilla SUSE Bug 1173265 https://bugzilla.suse.com/1173265
Bugzilla SUSE Bug 1173280 https://bugzilla.suse.com/1173280
Bugzilla SUSE Bug 1173428 https://bugzilla.suse.com/1173428
Bugzilla SUSE Bug 1173462 https://bugzilla.suse.com/1173462
Bugzilla SUSE Bug 1173514 https://bugzilla.suse.com/1173514
Bugzilla SUSE Bug 1173567 https://bugzilla.suse.com/1173567
Bugzilla SUSE Bug 1173573 https://bugzilla.suse.com/1173573
Bugzilla SUSE Bug 1174115 https://bugzilla.suse.com/1174115
Bugzilla SUSE Bug 1174462 https://bugzilla.suse.com/1174462
Bugzilla SUSE Bug 1174543 https://bugzilla.suse.com/1174543
CVE SUSE CVE CVE-2019-16746 page https://www.suse.com/security/cve/CVE-2019-16746/
CVE SUSE CVE CVE-2019-20810 page https://www.suse.com/security/cve/CVE-2019-20810/
CVE SUSE CVE CVE-2019-20908 page https://www.suse.com/security/cve/CVE-2019-20908/
CVE SUSE CVE CVE-2020-0305 page https://www.suse.com/security/cve/CVE-2020-0305/
CVE SUSE CVE CVE-2020-10766 page https://www.suse.com/security/cve/CVE-2020-10766/
CVE SUSE CVE CVE-2020-10767 page https://www.suse.com/security/cve/CVE-2020-10767/
CVE SUSE CVE CVE-2020-10768 page https://www.suse.com/security/cve/CVE-2020-10768/
CVE SUSE CVE CVE-2020-10769 page https://www.suse.com/security/cve/CVE-2020-10769/
CVE SUSE CVE CVE-2020-10773 page https://www.suse.com/security/cve/CVE-2020-10773/
CVE SUSE CVE CVE-2020-12771 page https://www.suse.com/security/cve/CVE-2020-12771/
CVE SUSE CVE CVE-2020-12888 page https://www.suse.com/security/cve/CVE-2020-12888/
CVE SUSE CVE CVE-2020-13974 page https://www.suse.com/security/cve/CVE-2020-13974/
CVE SUSE CVE CVE-2020-14416 page https://www.suse.com/security/cve/CVE-2020-14416/
CVE SUSE CVE CVE-2020-15393 page https://www.suse.com/security/cve/CVE-2020-15393/
CVE SUSE CVE CVE-2020-15780 page https://www.suse.com/security/cve/CVE-2020-15780/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=4 suse kernel-syms < 4.12.14-95.57.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=4 suse kernel-syms < 4.12.14-95.57.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=4 suse kernel-syms < 4.12.14-95.57.1 sles-12 ppc64le
Affected pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-12&sp=4 suse kernel-syms < 4.12.14-95.57.1 sles-12 aarch64
Affected pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=4 suse kernel-source < 4.12.14-95.57.1 sles-12 noarch
Affected pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=4 suse kernel-macros < 4.12.14-95.57.1 sles-12 noarch
Affected pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=4 suse kernel-devel < 4.12.14-95.57.1 sles-12 noarch
Affected pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=4 suse kernel-default < 4.12.14-95.57.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=4 suse kernel-default < 4.12.14-95.57.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=4 suse kernel-default < 4.12.14-95.57.1 sles-12 ppc64le
Affected pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-12&sp=4 suse kernel-default < 4.12.14-95.57.1 sles-12 aarch64
Affected pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=4 suse kernel-default-man < 4.12.14-95.57.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=4 suse kernel-default-devel < 4.12.14-95.57.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=4 suse kernel-default-devel < 4.12.14-95.57.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=4 suse kernel-default-devel < 4.12.14-95.57.1 sles-12 ppc64le
Affected pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-12&sp=4 suse kernel-default-devel < 4.12.14-95.57.1 sles-12 aarch64
Affected pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=4 suse kernel-default-base < 4.12.14-95.57.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=4 suse kernel-default-base < 4.12.14-95.57.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=4 suse kernel-default-base < 4.12.14-95.57.1 sles-12 ppc64le
Affected pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-12&sp=4 suse kernel-default-base < 4.12.14-95.57.1 sles-12 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date