ALT-PU-2020-3556-1
Package kernel-image-mp updated to version 5.9.16-alt1 for branch sisyphus in task 263845.
Closed vulnerabilities
BDU:2020-04797
Уязвимость компонента net/bluetooth/l2cap_core.c ядра операционных систем Linux, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2021-00005
Уязвимость компонента drivers/tty/tty_jobctrl.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
BDU:2021-00006
Уязвимость компонентов drivers/tty/tty_jobctrl.c и drivers/tty/tty_io.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию
Modified: 2024-11-21
CVE-2020-12351
Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
- http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351
- http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351
Modified: 2024-11-21
CVE-2020-27830
A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.
- [oss-security] 20201208 Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2
- [oss-security] 20201208 Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2
- [oss-security] 20201208 Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2
- [oss-security] 20201208 Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2
- https://bugzilla.redhat.com/show_bug.cgi?id=1919900
- https://bugzilla.redhat.com/show_bug.cgi?id=1919900
- [debian-lts-announce] 20210212 [SECURITY] [DLA 2557-1] linux-4.19 security update
- [debian-lts-announce] 20210212 [SECURITY] [DLA 2557-1] linux-4.19 security update
- https://security.netapp.com/advisory/ntap-20210625-0004/
- https://security.netapp.com/advisory/ntap-20210625-0004/
- DSA-4843
- DSA-4843
Modified: 2024-11-21
CVE-2020-29660
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.
- http://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.html
- http://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.html
- [oss-security] 20201210 2 kernel issues
- [oss-security] 20201210 2 kernel issues
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c8bcd9c5be24fb9e6132e97da5a35e55a83e36b9
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c8bcd9c5be24fb9e6132e97da5a35e55a83e36b9
- [debian-lts-announce] 20210212 [SECURITY] [DLA 2557-1] linux-4.19 security update
- [debian-lts-announce] 20210212 [SECURITY] [DLA 2557-1] linux-4.19 security update
- [debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update
- [debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update
- FEDORA-2020-bc0cc81a7a
- FEDORA-2020-bc0cc81a7a
- FEDORA-2020-b732958765
- FEDORA-2020-b732958765
- https://security.netapp.com/advisory/ntap-20210122-0001/
- https://security.netapp.com/advisory/ntap-20210122-0001/
- DSA-4843
- DSA-4843
Modified: 2024-11-21
CVE-2020-29661
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
- http://packetstormsecurity.com/files/160681/Linux-TIOCSPGRP-Broken-Locking.html
- http://packetstormsecurity.com/files/160681/Linux-TIOCSPGRP-Broken-Locking.html
- http://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.html
- http://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.html
- [oss-security] 20201210 2 kernel issues
- [oss-security] 20201210 2 kernel issues
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fc
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fc
- [debian-lts-announce] 20210212 [SECURITY] [DLA 2557-1] linux-4.19 security update
- [debian-lts-announce] 20210212 [SECURITY] [DLA 2557-1] linux-4.19 security update
- [debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update
- [debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update
- FEDORA-2020-bc0cc81a7a
- FEDORA-2020-bc0cc81a7a
- FEDORA-2020-b732958765
- FEDORA-2020-b732958765
- https://security.netapp.com/advisory/ntap-20210122-0001/
- https://security.netapp.com/advisory/ntap-20210122-0001/
- DSA-4843
- DSA-4843
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.oracle.com/security-alerts/cpuoct2021.html