ALT-PU-2020-1043-1
Package kernel-image-un-def updated to version 5.4.11-alt1 for branch p9 in task 244127.
Closed vulnerabilities
BDU:2019-04788
Уязвимость функции из marvell/mwifiex/tdls.c драйвера Marvell WiFi ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2019-04804
Уязвимость функции spi_gpio_probe() (drivers/spi/spi-gpio.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2019-04855
Уязвимость функции ext4_empty_dir (fs/ext4/namei.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2020-00350
Уязвимость компонента drivers/scsi/libsas/sas_discover.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2020-00356
Уязвимость ядра операционных систем Linux, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
BDU:2020-03026
Уязвимость функции prb_calc_retire_blk_tmo() (net/packet/af_packet.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2021-04865
Уязвимость ядра операционной системы Linux , связанная с чтением за границами буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2019-14901
A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system.
- openSUSE-SU-2019:2675
- openSUSE-SU-2019:2675
- http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html
- http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html
- http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html
- http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html
- RHSA-2020:0204
- RHSA-2020:0204
- RHSA-2020:0328
- RHSA-2020:0328
- RHSA-2020:0339
- RHSA-2020:0339
- RHSA-2020:0374
- RHSA-2020:0374
- RHSA-2020:0375
- RHSA-2020:0375
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14901
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14901
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- FEDORA-2019-8846a1a5a2
- FEDORA-2019-8846a1a5a2
- FEDORA-2019-91f6e7bb71
- FEDORA-2019-91f6e7bb71
- USN-4225-1
- USN-4225-1
- USN-4225-2
- USN-4225-2
- USN-4226-1
- USN-4226-1
- USN-4227-1
- USN-4227-1
- USN-4227-2
- USN-4227-2
- USN-4228-1
- USN-4228-1
- USN-4228-2
- USN-4228-2
Modified: 2024-11-21
CVE-2019-19037
ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero.
- https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19037
- https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19037
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://security.netapp.com/advisory/ntap-20191205-0001/
- https://security.netapp.com/advisory/ntap-20191205-0001/
Modified: 2024-11-21
CVE-2019-19070
A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. NOTE: third parties dispute the relevance of this because the system must have already been out of memory before the probe began
- https://bugzilla.suse.com/show_bug.cgi?id=1157294
- https://bugzilla.suse.com/show_bug.cgi?id=1157294
- https://github.com/torvalds/linux/commit/d3b0ffa1d75d5305ebe34735598993afbb8a869d
- https://github.com/torvalds/linux/commit/d3b0ffa1d75d5305ebe34735598993afbb8a869d
- FEDORA-2019-021c968423
- FEDORA-2019-021c968423
- FEDORA-2019-34a75d7e61
- FEDORA-2019-34a75d7e61
Modified: 2024-11-21
CVE-2019-19947
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.
- [oss-security] 20191224 CVE-2019-19947: Linux kernel can: kvaser_usb: kvaser_usb_leaf: some info-leaks vulnerabilities
- [oss-security] 20191224 CVE-2019-19947: Linux kernel can: kvaser_usb: kvaser_usb_leaf: some info-leaks vulnerabilities
- https://github.com/torvalds/linux/commit/da2311a6385c3b499da2ed5d9be59ce331fa93e9
- https://github.com/torvalds/linux/commit/da2311a6385c3b499da2ed5d9be59ce331fa93e9
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://security.netapp.com/advisory/ntap-20200204-0002/
- https://security.netapp.com/advisory/ntap-20200204-0002/
- USN-4284-1
- USN-4284-1
- USN-4285-1
- USN-4285-1
- USN-4427-1
- USN-4427-1
- USN-4485-1
- USN-4485-1
Modified: 2024-11-21
CVE-2019-19965
In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.
- openSUSE-SU-2020:0336
- openSUSE-SU-2020:0336
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f70267f379b5e5e11bdc5d72a56bf17e5feed01f
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f70267f379b5e5e11bdc5d72a56bf17e5feed01f
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://security.netapp.com/advisory/ntap-20200204-0002/
- https://security.netapp.com/advisory/ntap-20200204-0002/
- USN-4284-1
- USN-4284-1
- USN-4285-1
- USN-4285-1
- USN-4286-1
- USN-4286-1
- USN-4286-2
- USN-4286-2
- USN-4287-1
- USN-4287-1
- USN-4287-2
- USN-4287-2
Modified: 2024-11-21
CVE-2019-20812
An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function in net/packet/af_packet.c can result in a denial of service (CPU consumption and soft lockup) in a certain failure case involving TPACKET_V3, aka CID-b43d1f9f7067.
- openSUSE-SU-2020:0801
- openSUSE-SU-2020:0801
- openSUSE-SU-2020:0935
- openSUSE-SU-2020:0935
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.7
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.7
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b43d1f9f7067c6759b1051e8ecb84e82cef569fe
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b43d1f9f7067c6759b1051e8ecb84e82cef569fe
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
Modified: 2024-11-21
CVE-2021-20177
A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user (with root or CAP_NET_ADMIN) when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected.