Oval Definition:oval:org.opensuse.security:def:68292
Revision Date:2021-02-10Version:1
Title:Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP2) (Important)
Description:

This update for the Linux Kernel 5.3.18-24_12 fixes several issues.

The following security issues were fixed:

- CVE-2020-29373: Fixed an issue where kernel unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations (bsc#1179779). - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver (bsc#1180562). - CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180030). - CVE-2020-0466: Fixed a use-after-free due to a logic error in do_epoll_ctl and ep_loop_check_proc of eventpoll.c (bnc#1180032. - CVE-2020-29569: Fixed a use after free due to a logic error (bsc#1180008). - CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that may have allowed a read-after-free attack against TIOCGSID (bsc#1179877). - CVE-2020-29661: Fixed a locking issue in the tty subsystem that allowed a use-after-free attack against TIOCSPGRP (bsc#1179877). - CVE-2020-29368: Fixed an issue in copy-on-write implementation which could grant unintended write access because of a race condition in a THP mapcount check (bsc#1179664).
Family:unixClass:patch
Status:Reference(s):1027282
1029377
1029902
1040164
1042670
1070853
1079761
1081750
1083507
1086001
1088004
1088009
1088573
1094814
1107030
1109663
1109847
1120644
1122191
1129346
1130840
1133452
1137942
1138459
1141853
1149121
1149792
1149955
1151490
1153238
1159035
1159622
1176410
1177143
1179664
1179779
1179877
1180008
1180030
1180032
1180562
637176
658604
673071
709442
743787
747125
751718
754447
754677
787526
809831
831629
834601
871152
885662
885882
917607
942751
951166
983582
984751
985177
985348
989523
CVE-2011-3389
CVE-2011-4944
CVE-2012-0845
CVE-2012-1150
CVE-2013-1752
CVE-2013-4238
CVE-2014-2667
CVE-2014-4650
CVE-2016-0772
CVE-2016-1000110
CVE-2016-5636
CVE-2016-5699
CVE-2017-18207
CVE-2018-1000802
CVE-2018-1060
CVE-2018-1061
CVE-2018-14647
CVE-2018-20406
CVE-2018-20852
CVE-2019-10160
CVE-2019-15903
CVE-2019-16056
CVE-2019-16935
CVE-2019-5010
CVE-2019-9636
CVE-2019-9947
CVE-2020-0465
CVE-2020-0466
CVE-2020-25219
CVE-2020-26154
CVE-2020-29368
CVE-2020-29373
CVE-2020-29569
CVE-2020-29660
CVE-2020-29661
CVE-2020-36158
SUSE-SU-2020:0114-1
SUSE-SU-2020:2901-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Live Patching 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • libpython3_6m1_0-3.6.10-3.42 is installed
  • OR python3-3.6.10-3.42 is installed
  • OR python3-base-3.6.10-3.42 is installed
  • OR python3-curses-3.6.10-3.42 is installed
  • OR python3-dbm-3.6.10-3.42 is installed
  • OR python3-devel-3.6.10-3.42 is installed
  • OR python3-idle-3.6.10-3.42 is installed
  • OR python3-tk-3.6.10-3.42 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed
  • AND kernel-livepatch-5_3_18-24_12-default-5-2.1 is installed
    • BACK