ALT-PU-2020-3074-1
Package kernel-image-un-def updated to version 5.9.1-alt1 for branch sisyphus in task 260081.
Closed vulnerabilities
BDU:2020-04337
Уязвимость функции fbcon_redraw_softback ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2020-04339
Уязвимость реализации файловой системы XFS операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2020-05383
Уязвимость реализации протокола GENEVE (Generic Network Virtualization Encapsulation) ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
BDU:2020-05701
Уязвимость функции iov_iter_copy_from_user_atomic () ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2020-14385
A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, or otherwise rendered inaccessible until it is remounted, leading to a denial of service. The highest threat from this vulnerability is to system availability.
- openSUSE-SU-2020:1586
- openSUSE-SU-2020:1586
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14385
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14385
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f4020438fab05364018c91f7e02ebdd192085933
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f4020438fab05364018c91f7e02ebdd192085933
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2385-1] linux-4.19 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2385-1] linux-4.19 security update
- USN-4576-1
- USN-4576-1
Modified: 2024-11-21
CVE-2020-14390
A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
- openSUSE-SU-2020:1586
- openSUSE-SU-2020:1586
- openSUSE-SU-2020:1655
- openSUSE-SU-2020:1655
- https://bugzilla.redhat.com/show_bug.cgi?id=1876788
- https://bugzilla.redhat.com/show_bug.cgi?id=1876788
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
Modified: 2024-11-21
CVE-2020-25641
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
- openSUSE-SU-2020:1655
- openSUSE-SU-2020:1655
- openSUSE-SU-2020:1698
- openSUSE-SU-2020:1698
- [oss-security] 20201006 Re: CVE-2020-25641 kernel: soft lockup when submitting zero length bvecs.
- [oss-security] 20201006 Re: CVE-2020-25641 kernel: soft lockup when submitting zero length bvecs.
- https://bugzilla.redhat.com/show_bug.cgi?id=1881424
- https://bugzilla.redhat.com/show_bug.cgi?id=1881424
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e24969022cbd61ddc586f14824fc205661bb124
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e24969022cbd61ddc586f14824fc205661bb124
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
- USN-4576-1
- USN-4576-1
- https://www.kernel.org/doc/html/latest/block/biovecs.html
- https://www.kernel.org/doc/html/latest/block/biovecs.html
Modified: 2024-11-21
CVE-2020-25645
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.
- openSUSE-SU-2020:1682
- openSUSE-SU-2020:1682
- openSUSE-SU-2020:1698
- openSUSE-SU-2020:1698
- http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html
- http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1883988
- https://bugzilla.redhat.com/show_bug.cgi?id=1883988
- [debian-lts-announce] 20201028 [SECURITY] [DLA 2417-1] linux-4.19 security update
- [debian-lts-announce] 20201028 [SECURITY] [DLA 2417-1] linux-4.19 security update
- [debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update
- [debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update
- https://security.netapp.com/advisory/ntap-20201103-0004/
- https://security.netapp.com/advisory/ntap-20201103-0004/
- DSA-4774
- DSA-4774