ALT-PU-2020-3256-1
Package kernel-image-un-def updated to version 5.9.7-alt1 for branch sisyphus in task 261490.
Closed vulnerabilities
BDU:2020-05544
Уязвимость функции KD_FONT_OP_COPY драйвера fbcon ядра операционных систем Linux, позволяющая нарушителю повысить свои привилегии или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2020-27815
A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
- [oss-security] 20201201 CVE-2020-27815 Linux kernel: jfs: array-index-out-of-bounds in dbAdjTree
- [oss-security] 20201201 CVE-2020-27815 Linux kernel: jfs: array-index-out-of-bounds in dbAdjTree
- [oss-security] 20201228 Re: CVE-2020-27815 Linux kernel: jfs: array-index-out-of-bounds in dbAdjTree
- [oss-security] 20201228 Re: CVE-2020-27815 Linux kernel: jfs: array-index-out-of-bounds in dbAdjTree
- https://bugzilla.redhat.com/show_bug.cgi?id=1897668%2C
- https://bugzilla.redhat.com/show_bug.cgi?id=1897668%2C
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c61b3e4839007668360ed8b87d7da96d2e59fc6c
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c61b3e4839007668360ed8b87d7da96d2e59fc6c
- [debian-lts-announce] 20210212 [SECURITY] [DLA 2557-1] linux-4.19 security update
- [debian-lts-announce] 20210212 [SECURITY] [DLA 2557-1] linux-4.19 security update
- [debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update
- [debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update
- https://security.netapp.com/advisory/ntap-20210702-0004/
- https://security.netapp.com/advisory/ntap-20210702-0004/
- DSA-4843
- DSA-4843
- https://www.openwall.com/lists/oss-security/2020/11/30/5%2C
- https://www.openwall.com/lists/oss-security/2020/11/30/5%2C
- https://www.openwall.com/lists/oss-security/2020/12/28/1%2C
- https://www.openwall.com/lists/oss-security/2020/12/28/1%2C
Modified: 2024-11-21
CVE-2020-28974
A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height.
- [oss-security] 20201124 Re: Linux kernel slab-out-of-bounds Read in fbcon
- [oss-security] 20201124 Re: Linux kernel slab-out-of-bounds Read in fbcon
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.7
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.7
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4e0dff2095c579b142d5a0693257f1c58b4804
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4e0dff2095c579b142d5a0693257f1c58b4804
- [debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update
- [debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update
- [debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update
- [debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update
- https://seclists.org/oss-sec/2020/q4/104
- https://seclists.org/oss-sec/2020/q4/104
- https://security.netapp.com/advisory/ntap-20210108-0003/
- https://security.netapp.com/advisory/ntap-20210108-0003/