Описание
Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP3)
This update for the Linux Kernel 4.4.178-94_91 fixes several issues.
The following security issues were fixed:
- CVE-2020-12653: Fixed a buffer overflow in mwifiex_cmd_append_vsie_tlv() which could have allowed local users to gain privileges or cause a denial of service (bsc#1171254).
- CVE-2020-12654: Fixed a heap-based buffer overflow in mwifiex_ret_wmm_get_status() which could have been triggered by a remote AP to trigger (bsc#1171252).
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP4
kgraft-patch-4_12_14-95_48-default-3-2.1
kgraft-patch-4_12_14-95_45-default-4-2.1
kgraft-patch-4_12_14-95_40-default-4-2.1
kgraft-patch-4_12_14-95_37-default-5-2.1
kgraft-patch-4_12_14-95_32-default-6-2.1
kgraft-patch-4_12_14-95_29-default-7-2.1
kgraft-patch-4_12_14-95_24-default-7-2.1
kgraft-patch-4_12_14-95_19-default-8-2.1
kgraft-patch-4_12_14-95_16-default-9-2.1
SUSE Linux Enterprise Live Patching 12 SP5
kgraft-patch-4_12_14-122_17-default-3-2.1
kgraft-patch-4_12_14-122_12-default-4-2.1
kgraft-patch-4_12_14-122_7-default-4-2.1
kgraft-patch-4_12_14-120-default-4-9.1
SUSE Linux Enterprise Live Patching 15
kernel-livepatch-4_12_14-150_47-default-4-2.1
kernel-livepatch-4_12_14-150_41-default-4-2.1
kernel-livepatch-4_12_14-150_38-default-6-2.1
kernel-livepatch-4_12_14-150_35-default-6-2.1
kernel-livepatch-4_12_14-150_32-default-7-2.1
kernel-livepatch-4_12_14-150_27-default-7-2.1
kernel-livepatch-4_12_14-150_22-default-8-2.1
kernel-livepatch-4_12_14-150_17-default-9-2.1
SUSE Linux Enterprise Live Patching 15 SP1
kernel-livepatch-4_12_14-197_37-default-3-2.1
kernel-livepatch-4_12_14-197_34-default-3-2.1
kernel-livepatch-4_12_14-197_29-default-4-2.1
kernel-livepatch-4_12_14-197_26-default-4-2.1
kernel-livepatch-4_12_14-197_21-default-6-2.1
kernel-livepatch-4_12_14-197_18-default-6-2.1
kernel-livepatch-4_12_14-197_15-default-7-2.1
kernel-livepatch-4_12_14-197_10-default-7-2.1
kernel-livepatch-4_12_14-197_7-default-9-2.1
kernel-livepatch-4_12_14-197_4-default-10-2.1
kernel-livepatch-4_12_14-195-default-11-31.2
SUSE Linux Enterprise Server 12 SP1-LTSS
kgraft-patch-3_12_74-60_64_124-default-5-2.1
kgraft-patch-3_12_74-60_64_124-xen-5-2.1
kgraft-patch-3_12_74-60_64_121-default-7-2.1
kgraft-patch-3_12_74-60_64_121-xen-7-2.1
kgraft-patch-3_12_74-60_64_118-default-7-2.1
kgraft-patch-3_12_74-60_64_118-xen-7-2.1
kgraft-patch-3_12_74-60_64_115-default-9-2.1
kgraft-patch-3_12_74-60_64_115-xen-9-2.1
kgraft-patch-3_12_74-60_64_110-default-10-2.1
kgraft-patch-3_12_74-60_64_110-xen-10-2.1
SUSE Linux Enterprise Server 12 SP2-LTSS
kgraft-patch-4_4_121-92_125-default-5-2.1
kgraft-patch-4_4_121-92_120-default-7-2.1
kgraft-patch-4_4_121-92_117-default-8-2.1
kgraft-patch-4_4_121-92_114-default-9-2.1
kgraft-patch-4_4_121-92_109-default-10-2.1
SUSE Linux Enterprise Server 12 SP3-LTSS
kgraft-patch-4_4_180-94_113-default-4-2.1
kgraft-patch-4_4_180-94_107-default-5-2.1
kgraft-patch-4_4_180-94_103-default-7-2.1
kgraft-patch-4_4_180-94_100-default-7-2.1
kgraft-patch-4_4_180-94_97-default-9-2.1
kgraft-patch-4_4_178-94_91-default-9-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
kgraft-patch-3_12_74-60_64_124-default-5-2.1
kgraft-patch-3_12_74-60_64_124-xen-5-2.1
kgraft-patch-3_12_74-60_64_121-default-7-2.1
kgraft-patch-3_12_74-60_64_121-xen-7-2.1
kgraft-patch-3_12_74-60_64_118-default-7-2.1
kgraft-patch-3_12_74-60_64_118-xen-7-2.1
kgraft-patch-3_12_74-60_64_115-default-9-2.1
kgraft-patch-3_12_74-60_64_115-xen-9-2.1
kgraft-patch-3_12_74-60_64_110-default-10-2.1
kgraft-patch-3_12_74-60_64_110-xen-10-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
kgraft-patch-4_4_121-92_125-default-5-2.1
kgraft-patch-4_4_121-92_120-default-7-2.1
kgraft-patch-4_4_121-92_117-default-8-2.1
kgraft-patch-4_4_121-92_114-default-9-2.1
kgraft-patch-4_4_121-92_109-default-10-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
kgraft-patch-4_4_180-94_113-default-4-2.1
kgraft-patch-4_4_180-94_107-default-5-2.1
kgraft-patch-4_4_180-94_103-default-7-2.1
kgraft-patch-4_4_180-94_100-default-7-2.1
kgraft-patch-4_4_180-94_97-default-9-2.1
kgraft-patch-4_4_178-94_91-default-9-2.1
Ссылки
- Link for SUSE-SU-2020:1475-1
- E-Mail link for SUSE-SU-2020:1475-1
- SUSE Security Ratings
- SUSE Bug 1171252
- SUSE Bug 1171254
- SUSE CVE CVE-2020-12653 page
- SUSE CVE CVE-2020-12654 page
Описание
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_16-default-9-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-8-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-7-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_29-default-7-2.1
Ссылки
- CVE-2020-12653
- SUSE Bug 1159281
- SUSE Bug 1171195
- SUSE Bug 1171254
Описание
An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_16-default-9-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-8-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-7-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_29-default-7-2.1
Ссылки
- CVE-2020-12654
- SUSE Bug 1159281
- SUSE Bug 1171202
- SUSE Bug 1171252