Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2020:3122-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2020:3122-1 advisory.
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2020:3122-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2020-25285: A race condition between hugetlb sysctl handlers in
mm/hugetlb.c could be used by local attackers to corrupt memory, cause a
NULL pointer dereference, or possibly have unspecified other impact

CVE-2020-16120: Fixed permission check to open real file when using
overlayfs. It was possible to have a file not readable by an
unprivileged user be copied to a mountpoint controlled by that user and
then be able to access the file. (bsc#1177470)

CVE-2020-14351: Fixed a race condition in the perf_mmap_close() function

The following non-security bugs were fixed:

ACPI: Always build evged in (git-fixes).

ACPI: button: fix handling lid state changes when input device closed

ACPI: configfs: Add missing config_item_put() to fix refcount leak

acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes).

ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes).


ALSA: ac97: (cosmetic) align argument names (git-fixes).

ALSA: aoa: i2sbus: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes).

ALSA: asihpi: fix spellint typo in comments (git-fixes).

ALSA: atmel: ac97: clarify operator precedence (git-fixes).

ALSA: bebob: potential info leak in hwdep_read() (git-fixes).

ALSA: compress_offload: remove redundant initialization (git-fixes).

ALSA: core: init: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes).

ALSA: core: pcm: simplify locking for timers (git-fixes).

ALSA: core: timer: clarify operator precedence (git-fixes).

ALSA: core: timer: remove redundant assignment (git-fixes).

ALSA: ctl: Workaround for lockdep warning wrt card->ctl_files_rwlock

ALSA: fireworks: use semicolons rather than commas to separate
statements (git-fixes).

ALSA: hda: auto_parser: remove shadowed variable declaration (git-fixes).

ALSA: hda: (cosmetic) align function parameters (git-fixes).

ALSA: hda - Do not register a cb func if it is registered already

ALSA: hda - Fix the return value if cb func is already registered

ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close (git-fixes).

ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7

ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887

ALSA: hda/realtek - set mic to auto detect on a HP AIO machine

ALSA: hda/realtek - The front Mic on a HP machine does not work

ALSA: hda: use semicolons rather than commas to separate statements

ALSA: hdspm: Fix typo arbitrary (git-fixes).

ALSA: mixart: Correct comment wrt obsoleted tasklet usage (git-fixes).

ALSA: portman2x4: fix repeated word 'if' (git-fixes).

ALSA: rawmidi: (cosmetic) align function pa... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Workstation Extension 15-SP2, SUSE Linux Enterprise Module for Live Patching 15-SP2, SUSE Linux Enterprise Module for Legacy Software 15-SP2, SUSE Linux Enterprise Module for Development Tools 15-SP2, SUSE Linux Enterprise Module for Basesystem 15-SP2, SUSE Linux Enterprise High Availability 15-SP2

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-14351
Common Vulnerability Exposure (CVE) ID: CVE-2020-16120
Common Vulnerability Exposure (CVE) ID: CVE-2020-25285
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.