SUSE-SU-2020:3698-1

Опубликовано: 07 дек. 2020

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-24_37 fixes one issue.

The following security issue was fixed:

CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op (bsc#1178622).

Список пакетов

SUSE Linux Enterprise Live Patching 12 SP5

kgraft-patch-4_12_14-122_51-default-2-2.1

SUSE Linux Enterprise Live Patching 15 SP2

kernel-livepatch-5_3_18-24_37-default-2-2.1

Ссылки

https://www.suse.com/support/update/announcement/2020/suse-su-20203698-1/
Link for SUSE-SU-2020:3698-1
https://lists.suse.com/pipermail/sle-security-updates/2020-December/007927.html
E-Mail link for SUSE-SU-2020:3698-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1178622
SUSE Bug 1178622
https://www.suse.com/security/cve/CVE-2020-25668/
SUSE CVE CVE-2020-25668 page

Описание

A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.

Затронутые продукты

SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_51-default-2-2.1

SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_37-default-2-2.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-25668.html
CVE-2020-25668
https://bugzilla.suse.com/1178123
SUSE Bug 1178123
https://bugzilla.suse.com/1178622
SUSE Bug 1178622
https://bugzilla.suse.com/1196914
SUSE Bug 1196914

SUSE-SU-2020:3698-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 12 SP5

SUSE Linux Enterprise Live Patching 15 SP2

Ссылки

Уязвимость: CVE-2020-25668

Описание

Затронутые продукты

Ссылки