SUSE-SU-2020:2537-1

Опубликовано: 04 сент. 2020

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-24_9 fixes one issue.

The following security issue was fixed:

CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll (bsc#1174247).

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP2

kernel-livepatch-5_3_18-24_9-default-2-2.3

Ссылки

https://www.suse.com/support/update/announcement/2020/suse-su-20202537-1/
Link for SUSE-SU-2020:2537-1
https://lists.suse.com/pipermail/sle-security-updates/2020-September/007371.html
E-Mail link for SUSE-SU-2020:2537-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1174247
SUSE Bug 1174247
https://www.suse.com/security/cve/CVE-2020-14331/
SUSE CVE CVE-2020-14331 page

Описание

A flaw was found in the Linux kernel's implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_9-default-2-2.3

Ссылки

https://www.suse.com/security/cve/CVE-2020-14331.html
CVE-2020-14331
https://bugzilla.suse.com/1174205
SUSE Bug 1174205
https://bugzilla.suse.com/1174247
SUSE Bug 1174247

SUSE-SU-2020:2537-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP2

Ссылки

Уязвимость: CVE-2020-14331

Описание

Затронутые продукты

Ссылки