ALT-PU-2020-2022-1
Package kernel-image-un-def updated to version 4.19.123-alt0.M80C.1 for branch c8.1 in task 251750.
Closed vulnerabilities
BDU:2020-00851
Уязвимость подсистемы виртуализации Kernel-based Virtual Machine (KVM) ядра операционных систем Linux, позволяющая нарушителю получить доступ к конфиденциальным данным
BDU:2020-02427
Уязвимость функции pivot_root (fs/namespace.c) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2020-03819
Уязвимость функции enable_sacf_uaccess ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2021-02579
Уязвимость функции idle_book3s ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2022-03144
Уязвимость функции route4_change() (net/sched/cls_route.c) ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2019-3016
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.
- http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html
- http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html
- [oss-security] 20200130 CVE-2019-3016: information leak within a KVM guest
- [oss-security] 20200130 CVE-2019-3016: information leak within a KVM guest
- https://bugzilla.redhat.com/show_bug.cgi?id=1792167
- https://bugzilla.redhat.com/show_bug.cgi?id=1792167
- https://git.kernel.org/linus/1eff70a9abd46f175defafd29bc17ad456f398a7
- https://git.kernel.org/linus/1eff70a9abd46f175defafd29bc17ad456f398a7
- https://git.kernel.org/linus/8c6de56a42e0c657955e12b882a81ef07d1d073e
- https://git.kernel.org/linus/8c6de56a42e0c657955e12b882a81ef07d1d073e
- https://git.kernel.org/linus/917248144db5d7320655dbb41d3af0b8a0f3d589
- https://git.kernel.org/linus/917248144db5d7320655dbb41d3af0b8a0f3d589
- https://git.kernel.org/linus/a6bd811f1209fe1c64c9f6fd578101d6436c6b6e
- https://git.kernel.org/linus/a6bd811f1209fe1c64c9f6fd578101d6436c6b6e
- https://git.kernel.org/linus/b043138246a41064527cf019a3d51d9f015e9796
- https://git.kernel.org/linus/b043138246a41064527cf019a3d51d9f015e9796
- https://lore.kernel.org/lkml/1580407316-11391-1-git-send-email-pbonzini%40redhat.com/
- https://lore.kernel.org/lkml/1580407316-11391-1-git-send-email-pbonzini%40redhat.com/
- https://security.netapp.com/advisory/ntap-20200313-0003/
- https://security.netapp.com/advisory/ntap-20200313-0003/
- USN-4300-1
- USN-4300-1
- USN-4301-1
- USN-4301-1
- DSA-4699
- DSA-4699
Modified: 2024-11-21
CVE-2020-11669
An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.
- openSUSE-SU-2020:0543
- RHSA-2019:3517
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=53a712bae5dd919521a58d7bad773b949358add0
- https://github.com/torvalds/linux/commit/53a712bae5dd919521a58d7bad773b949358add0
- https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208660.html
- https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208661.html
- https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208663.html
- https://security.netapp.com/advisory/ntap-20200430-0001/
- USN-4363-1
- USN-4368-1
- openSUSE-SU-2020:0543
- USN-4368-1
- USN-4363-1
- https://security.netapp.com/advisory/ntap-20200430-0001/
- https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208663.html
- https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208661.html
- https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208660.html
- https://github.com/torvalds/linux/commit/53a712bae5dd919521a58d7bad773b949358add0
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=53a712bae5dd919521a58d7bad773b949358add0
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2
- RHSA-2019:3517
Modified: 2024-11-21
CVE-2020-11884
In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A crash could also occur.
- https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=215d1f3928713d6eaec67244bcda72105b898000
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3f777e19d171670ab558a6d5e6b1ac7f9b6c574f
- FEDORA-2020-b453269c4e
- FEDORA-2020-16f9239805
- FEDORA-2020-64d46a6e29
- https://security.netapp.com/advisory/ntap-20200608-0001/
- USN-4342-1
- USN-4343-1
- USN-4345-1
- DSA-4667
- https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=215d1f3928713d6eaec67244bcda72105b898000
- DSA-4667
- USN-4345-1
- USN-4343-1
- USN-4342-1
- https://security.netapp.com/advisory/ntap-20200608-0001/
- FEDORA-2020-64d46a6e29
- FEDORA-2020-16f9239805
- FEDORA-2020-b453269c4e
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3f777e19d171670ab558a6d5e6b1ac7f9b6c574f
Modified: 2024-11-21
CVE-2020-12114
A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a mountpoint reference counter.
- openSUSE-SU-2020:0801
- http://packetstormsecurity.com/files/159565/Kernel-Live-Patch-Security-Notice-LSN-0072-1.html
- http://www.openwall.com/lists/oss-security/2020/05/04/2
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- https://security.netapp.com/advisory/ntap-20200608-0001/
- USN-4387-1
- USN-4388-1
- USN-4389-1
- USN-4390-1
- USN-4391-1
- USN-4392-1
- DSA-4698
- DSA-4699
- https://www.oracle.com/security-alerts/cpuApr2021.html
- openSUSE-SU-2020:0801
- https://www.oracle.com/security-alerts/cpuApr2021.html
- DSA-4699
- DSA-4698
- USN-4392-1
- USN-4391-1
- USN-4390-1
- USN-4389-1
- USN-4388-1
- USN-4387-1
- https://security.netapp.com/advisory/ntap-20200608-0001/
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- http://www.openwall.com/lists/oss-security/2020/05/04/2
- http://packetstormsecurity.com/files/159565/Kernel-Live-Patch-Security-Notice-LSN-0072-1.html
Modified: 2024-11-21
CVE-2021-3715
A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.