Описание
Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-24_12 fixes several issues.
The following security issues were fixed:
- CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' (bsc#1177724, bsc#1177729, bsc#1178397).
- CVE-2020-25645: Fixed an an issue in IPsec that caused traffic between two Geneve endpoints to be unencrypted (bnc#1177513).
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP5
kgraft-patch-4_12_14-122_41-default-2-2.1
kgraft-patch-4_12_14-122_37-default-3-2.1
kgraft-patch-4_12_14-122_32-default-4-2.1
kgraft-patch-4_12_14-122_29-default-4-2.1
kgraft-patch-4_12_14-122_26-default-4-2.2
kgraft-patch-4_12_14-122_23-default-4-2.2
kgraft-patch-4_12_14-122_20-default-6-2.2
kgraft-patch-4_12_14-122_17-default-7-2.2
kgraft-patch-4_12_14-122_12-default-8-2.2
SUSE Linux Enterprise Live Patching 15 SP1
kernel-livepatch-4_12_14-197_34-default-7-2.2
kernel-livepatch-4_12_14-197_61-default-2-2.1
kernel-livepatch-4_12_14-197_56-default-3-2.1
kernel-livepatch-4_12_14-197_51-default-4-2.1
kernel-livepatch-4_12_14-197_48-default-4-2.1
kernel-livepatch-4_12_14-197_45-default-4-2.2
kernel-livepatch-4_12_14-197_40-default-6-2.2
kernel-livepatch-4_12_14-197_37-default-7-2.2
kernel-livepatch-4_12_14-197_29-default-8-2.2
SUSE Linux Enterprise Live Patching 15 SP2
kernel-livepatch-5_3_18-24_24-default-3-2.1
kernel-livepatch-5_3_18-24_15-default-3-2.1
kernel-livepatch-5_3_18-24_12-default-3-2.1
Ссылки
- Link for SUSE-SU-2020:3402-1
- E-Mail link for SUSE-SU-2020:3402-1
- SUSE Security Ratings
- SUSE Bug 1177513
- SUSE Bug 1177729
- SUSE CVE CVE-2020-12351 page
- SUSE CVE CVE-2020-25645 page
Описание
Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_12-default-8-2.2
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_17-default-7-2.2
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_20-default-6-2.2
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_23-default-4-2.2
Ссылки
- CVE-2020-12351
- SUSE Bug 1177724
- SUSE Bug 1177729
- SUSE Bug 1178397
Описание
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_12-default-8-2.2
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_17-default-7-2.2
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_20-default-6-2.2
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_23-default-4-2.2
Ссылки
- CVE-2020-25645
- SUSE Bug 1177511
- SUSE Bug 1177513