ALT-BU-2020-3803-1
Branch sisyphus update bulletin.
Package kernel-image-mp updated to version 5.6.8-alt1 for branch sisyphus in task 251325.
Closed vulnerabilities
BDU:2020-02141
Уязвимость ядра операционной системы Linux, связанная с записью за границами буфера в памяти, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
BDU:2020-02142
Уязвимость функции bfq_idle_slice_timer_body (block/bfq-iosched.c) ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
BDU:2020-02426
Уязвимость функции usb_sg_cancel (drivers/usb/core/message.c) ядра операционных систем Linux, позволяющая нарушителю выполнить произвольный код
BDU:2020-03819
Уязвимость функции enable_sacf_uaccess ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2020-05550
Уязвимость функции do_madvise (mm/madvise.c) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2021-00466
Уязвимость функции exec_id ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2024-11-21
CVE-2020-11884
In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A crash could also occur.
- https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=215d1f3928713d6eaec67244bcda72105b898000
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3f777e19d171670ab558a6d5e6b1ac7f9b6c574f
- FEDORA-2020-b453269c4e
- FEDORA-2020-16f9239805
- FEDORA-2020-64d46a6e29
- https://security.netapp.com/advisory/ntap-20200608-0001/
- USN-4342-1
- USN-4343-1
- USN-4345-1
- DSA-4667
- https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=215d1f3928713d6eaec67244bcda72105b898000
- DSA-4667
- USN-4345-1
- USN-4343-1
- USN-4342-1
- https://security.netapp.com/advisory/ntap-20200608-0001/
- FEDORA-2020-64d46a6e29
- FEDORA-2020-16f9239805
- FEDORA-2020-b453269c4e
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3f777e19d171670ab558a6d5e6b1ac7f9b6c574f
Modified: 2024-11-21
CVE-2020-12464
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
- openSUSE-SU-2020:0801
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=056ad39ee9253873522f6469c3364964a322912b
- https://github.com/torvalds/linux/commit/056ad39ee9253873522f6469c3364964a322912b
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- https://lkml.org/lkml/2020/3/23/52
- https://patchwork.kernel.org/patch/11463781/
- https://security.netapp.com/advisory/ntap-20200608-0001/
- USN-4387-1
- USN-4388-1
- USN-4389-1
- USN-4390-1
- USN-4391-1
- DSA-4698
- DSA-4699
- openSUSE-SU-2020:0801
- DSA-4699
- DSA-4698
- USN-4391-1
- USN-4390-1
- USN-4389-1
- USN-4388-1
- USN-4387-1
- https://security.netapp.com/advisory/ntap-20200608-0001/
- https://patchwork.kernel.org/patch/11463781/
- https://lkml.org/lkml/2020/3/23/52
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- https://github.com/torvalds/linux/commit/056ad39ee9253873522f6469c3364964a322912b
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=056ad39ee9253873522f6469c3364964a322912b
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8
Modified: 2024-11-21
CVE-2020-12657
An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body.
- openSUSE-SU-2020:0801
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.5
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2f95fa5c955d0a9987ffdc3a095e2f4e62c5f2a9
- https://github.com/torvalds/linux/commit/2f95fa5c955d0a9987ffdc3a095e2f4e62c5f2a9
- https://patchwork.kernel.org/patch/11447049/
- https://security.netapp.com/advisory/ntap-20200608-0001/
- USN-4363-1
- USN-4367-1
- USN-4368-1
- USN-4369-1
- openSUSE-SU-2020:0801
- USN-4369-1
- USN-4368-1
- USN-4367-1
- USN-4363-1
- https://security.netapp.com/advisory/ntap-20200608-0001/
- https://patchwork.kernel.org/patch/11447049/
- https://github.com/torvalds/linux/commit/2f95fa5c955d0a9987ffdc3a095e2f4e62c5f2a9
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2f95fa5c955d0a9987ffdc3a095e2f4e62c5f2a9
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.5
Modified: 2024-11-21
CVE-2020-12659
An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.
- openSUSE-SU-2020:0801
- https://bugzilla.kernel.org/show_bug.cgi?id=207225
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.7
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99e3a236dd43d06c65af0a2ef9cb44306aef6e02
- https://github.com/torvalds/linux/commit/99e3a236dd43d06c65af0a2ef9cb44306aef6e02
- https://security.netapp.com/advisory/ntap-20200608-0001/
- USN-4387-1
- USN-4388-1
- USN-4389-1
- openSUSE-SU-2020:0801
- USN-4389-1
- USN-4388-1
- USN-4387-1
- https://security.netapp.com/advisory/ntap-20200608-0001/
- https://github.com/torvalds/linux/commit/99e3a236dd43d06c65af0a2ef9cb44306aef6e02
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99e3a236dd43d06c65af0a2ef9cb44306aef6e02
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.7
- https://bugzilla.kernel.org/show_bug.cgi?id=207225
Modified: 2024-11-21
CVE-2020-12826
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent process in a different security domain. Exploitation limitations include the amount of elapsed time before an integer overflow occurs, and the lack of scenarios where signals to a parent process present a substantial operational threat.
- https://bugzilla.redhat.com/show_bug.cgi?id=1822077
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.5
- https://github.com/torvalds/linux/commit/7395ea4e65c2a00d23185a3f63ad315756ba9cef
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- https://lists.openwall.net/linux-kernel/2020/03/24/1803
- https://security.netapp.com/advisory/ntap-20200608-0001/
- USN-4367-1
- USN-4369-1
- USN-4391-1
- https://www.openwall.com/lists/kernel-hardening/2020/03/25/1
- https://bugzilla.redhat.com/show_bug.cgi?id=1822077
- https://www.openwall.com/lists/kernel-hardening/2020/03/25/1
- USN-4391-1
- USN-4369-1
- USN-4367-1
- https://security.netapp.com/advisory/ntap-20200608-0001/
- https://lists.openwall.net/linux-kernel/2020/03/24/1803
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- https://github.com/torvalds/linux/commit/7395ea4e65c2a00d23185a3f63ad315756ba9cef
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.5
Modified: 2024-11-21
CVE-2020-29372
An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8. There is a race condition between coredump operations and the IORING_OP_MADVISE implementation, aka CID-bc0c4d1e176e.
- http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html
- http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html
- https://bugs.chromium.org/p/project-zero/issues/detail?id=2029
- https://bugs.chromium.org/p/project-zero/issues/detail?id=2029
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc0c4d1e176eeb614dc8734fc3ace34292771f11
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc0c4d1e176eeb614dc8734fc3ace34292771f11
Closed bugs
Не работает экспорт игры в pdf (nudoku is compiled without cairo support)
Package ldap-user-tools updated to version 0.9.5-alt1 for branch sisyphus in task 251180.
Closed bugs
ldap-groupmod не добавляет пользователя в группу, когда в ней есть пользователь с более коротким именем
Closed vulnerabilities
BDU:2020-03941
Уязвимость компонента master.py системы управления конфигурациями и удалённого выполнения операций SaltStack, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2020-03942
Уязвимость компонента ClearFuncs системы управления конфигурациями и удалённого выполнения операций SaltStack, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2025-04-03
CVE-2020-11651
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.
- openSUSE-SU-2020:0564
- openSUSE-SU-2020:0564
- openSUSE-SU-2020:1074
- openSUSE-SU-2020:1074
- http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html
- http://www.vmware.com/security/advisories/VMSA-2020-0009.html
- http://www.vmware.com/security/advisories/VMSA-2020-0009.html
- https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html
- https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html
- https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst
- https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst
- [debian-lts-announce] 20200530 [SECURITY] [DLA 2223-1] salt security update
- [debian-lts-announce] 20200530 [SECURITY] [DLA 2223-1] salt security update
- 20200528 SaltStack FrameWork Vulnerabilities Affecting Cisco Products
- 20200528 SaltStack FrameWork Vulnerabilities Affecting Cisco Products
- USN-4459-1
- USN-4459-1
- DSA-4676
- DSA-4676
Modified: 2025-04-03
CVE-2020-11652
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.
- openSUSE-SU-2020:0564
- openSUSE-SU-2020:1074
- http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html
- http://support.blackberry.com/kb/articleDetail?articleNumber=000063758
- http://www.vmware.com/security/advisories/VMSA-2020-0009.html
- https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html
- https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst
- [debian-lts-announce] 20200530 [SECURITY] [DLA 2223-1] salt security update
- 20200528 SaltStack FrameWork Vulnerabilities Affecting Cisco Products
- USN-4459-1
- DSA-4676
- DSA-4676
- USN-4459-1
- 20200528 SaltStack FrameWork Vulnerabilities Affecting Cisco Products
- [debian-lts-announce] 20200530 [SECURITY] [DLA 2223-1] salt security update
- https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst
- https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html
- http://www.vmware.com/security/advisories/VMSA-2020-0009.html
- http://support.blackberry.com/kb/articleDetail?articleNumber=000063758
- http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html
- openSUSE-SU-2020:1074
- openSUSE-SU-2020:0564
Closed vulnerabilities
BDU:2021-04593
Уязвимость файлов cookie HTTP библиотеки управления виртуализацией Libvirt, связанная с неправильным межграничным удалением критичных данных, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2024-11-21
CVE-2020-14301
An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the `dumpxml` command.