exploitDog

SUSE-SU-2020:2577-1

Опубликовано: 09 сент. 2020

Источник: suse-cvrf

Описание

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.

The following security bug was fixed:

CVE-2020-14386: Fixed a potential local privilege escalation via memory corruption (bsc#1176069).

Список пакетов

Image SLES15-SP2-BYOS-Azure

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-BYOS-EC2-HVM

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-BYOS-GCE

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-CAP-Deployment-BYOS-Azure

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-CHOST-BYOS-Aliyun

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-CHOST-BYOS-Azure

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-CHOST-BYOS-EC2

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-CHOST-BYOS-GCE

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-EC2-ECS-HVM

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-EC2-HVM

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-GCE

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-HPC-BYOS-Azure

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-HPC-BYOS-EC2-HVM

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-Manager-4-1-Proxy-BYOS-Azure

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-Manager-4-1-Proxy-BYOS-EC2-HVM

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-Manager-4-1-Proxy-BYOS-GCE

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE

kernel-default-5.3.18-24.15.1

Image SLES15-SP2-SAP-Azure

cluster-md-kmp-default-5.3.18-24.15.1

dlm-kmp-default-5.3.18-24.15.1

gfs2-kmp-default-5.3.18-24.15.1

kernel-default-5.3.18-24.15.1

ocfs2-kmp-default-5.3.18-24.15.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

cluster-md-kmp-default-5.3.18-24.15.1

dlm-kmp-default-5.3.18-24.15.1

gfs2-kmp-default-5.3.18-24.15.1

kernel-default-5.3.18-24.15.1

ocfs2-kmp-default-5.3.18-24.15.1

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

cluster-md-kmp-default-5.3.18-24.15.1

dlm-kmp-default-5.3.18-24.15.1

gfs2-kmp-default-5.3.18-24.15.1

kernel-default-5.3.18-24.15.1

ocfs2-kmp-default-5.3.18-24.15.1

Image SLES15-SP2-SAP-BYOS-Azure

cluster-md-kmp-default-5.3.18-24.15.1

dlm-kmp-default-5.3.18-24.15.1

gfs2-kmp-default-5.3.18-24.15.1

kernel-default-5.3.18-24.15.1

ocfs2-kmp-default-5.3.18-24.15.1

Image SLES15-SP2-SAP-BYOS-EC2-HVM

cluster-md-kmp-default-5.3.18-24.15.1

dlm-kmp-default-5.3.18-24.15.1

gfs2-kmp-default-5.3.18-24.15.1

kernel-default-5.3.18-24.15.1

ocfs2-kmp-default-5.3.18-24.15.1

Image SLES15-SP2-SAP-BYOS-GCE

cluster-md-kmp-default-5.3.18-24.15.1

dlm-kmp-default-5.3.18-24.15.1

gfs2-kmp-default-5.3.18-24.15.1

kernel-default-5.3.18-24.15.1

ocfs2-kmp-default-5.3.18-24.15.1

Image SLES15-SP2-SAP-EC2-HVM

cluster-md-kmp-default-5.3.18-24.15.1

dlm-kmp-default-5.3.18-24.15.1

gfs2-kmp-default-5.3.18-24.15.1

kernel-default-5.3.18-24.15.1

ocfs2-kmp-default-5.3.18-24.15.1

Image SLES15-SP2-SAP-GCE

cluster-md-kmp-default-5.3.18-24.15.1

dlm-kmp-default-5.3.18-24.15.1

gfs2-kmp-default-5.3.18-24.15.1

kernel-default-5.3.18-24.15.1

ocfs2-kmp-default-5.3.18-24.15.1

SUSE Linux Enterprise High Availability Extension 15 SP2

cluster-md-kmp-default-5.3.18-24.15.1

dlm-kmp-default-5.3.18-24.15.1

gfs2-kmp-default-5.3.18-24.15.1

ocfs2-kmp-default-5.3.18-24.15.1

SUSE Linux Enterprise Live Patching 15 SP2

kernel-default-livepatch-5.3.18-24.15.1

kernel-default-livepatch-devel-5.3.18-24.15.1

kernel-livepatch-5_3_18-24_15-default-1-5.3.1

SUSE Linux Enterprise Module for Basesystem 15 SP2

kernel-default-5.3.18-24.15.1

kernel-default-devel-5.3.18-24.15.1

kernel-devel-5.3.18-24.15.1

kernel-macros-5.3.18-24.15.1

kernel-preempt-5.3.18-24.15.1

SUSE Linux Enterprise Module for Development Tools 15 SP2

kernel-docs-5.3.18-24.15.2

kernel-obs-build-5.3.18-24.15.1

kernel-preempt-devel-5.3.18-24.15.1

kernel-source-5.3.18-24.15.1

kernel-syms-5.3.18-24.15.1

SUSE Linux Enterprise Module for Legacy 15 SP2

reiserfs-kmp-default-5.3.18-24.15.1

SUSE Linux Enterprise Workstation Extension 15 SP2

kernel-default-extra-5.3.18-24.15.1

Ссылки

https://www.suse.com/support/update/announcement/2020/suse-su-20202577-1/
Link for SUSE-SU-2020:2577-1
https://lists.suse.com/pipermail/sle-security-updates/2020-September/007386.html
E-Mail link for SUSE-SU-2020:2577-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1176069
SUSE Bug 1176069
https://www.suse.com/security/cve/CVE-2020-14386/
SUSE CVE CVE-2020-14386 page

Описание

A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

Затронутые продукты

Image SLES15-SP2-BYOS-Azure:kernel-default-5.3.18-24.15.1

Image SLES15-SP2-BYOS-EC2-HVM:kernel-default-5.3.18-24.15.1

Image SLES15-SP2-BYOS-GCE:kernel-default-5.3.18-24.15.1

Image SLES15-SP2-CAP-Deployment-BYOS-Azure:kernel-default-5.3.18-24.15.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-14386.html
CVE-2020-14386
https://bugzilla.suse.com/1176069
SUSE Bug 1176069
https://bugzilla.suse.com/1176072
SUSE Bug 1176072

Уязвимость SUSE-SU-2020:2577-1