Описание
Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-150100_197_120 fixes one issue.
The following security issue was fixed:
- CVE-2020-36516: Fixed an off-path attack via mixed IPID assignment method with the hash-based IPID assignment policy to inject data into a victim's TCP session or terminate that session (bsc#1196867).
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP5
kgraft-patch-4_12_14-122_130-default-2-2.2
SUSE Linux Enterprise Live Patching 15
kernel-livepatch-4_12_14-150000_150_98-default-2-150000.2.1
SUSE Linux Enterprise Live Patching 15 SP1
kernel-livepatch-4_12_14-150100_197_120-default-2-150100.2.1
Ссылки
- Link for SUSE-SU-2022:3064-1
- E-Mail link for SUSE-SU-2022:3064-1
- SUSE Security Ratings
- SUSE Bug 1196867
- SUSE CVE CVE-2020-36516 page
Описание
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-2-2.2
SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-2-150100.2.1
SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_98-default-2-150000.2.1
Ссылки
- CVE-2020-36516
- SUSE Bug 1196616
- SUSE Bug 1196867
- SUSE Bug 1204092
- SUSE Bug 1204183