Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2020:1779-1 Final 1 1 2020-06-26T07:00:50Z current 2020-06-26T07:00:50Z 2020-06-26T07:00:50Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) This update for the Linux Kernel 4.4.180-94_116 fixes several issues. The following security issues were fixed: - CVE-2020-10757: Fixed an issue where remaping hugepage DAX to anon mmap could have caused user PTE access (bsc#1172437). - CVE-2020-12653: Fixed an issue in the wifi driver which could have allowed local users to gain privileges or cause a denial of service (bsc#1171254). - CVE-2020-12654: Fixed an issue in he wifi driver which could have allowed a remote AP to trigger a heap-based buffer overflow (bsc#1171252). - CVE-2020-1749: Fixed an issue where some ipv6 protocols were not encrypted over ipsec tunnel (bsc#1165631). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2020-1779,SUSE-SLE-SAP-12-SP3-2020-1779,SUSE-SLE-SERVER-12-SP3-2020-1779 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2020/suse-su-20201779-1/ Link for SUSE-SU-2020:1779-1 https://lists.suse.com/pipermail/sle-security-updates/2020-June/007044.html E-Mail link for SUSE-SU-2020:1779-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1165631 SUSE Bug 1165631 https://bugzilla.suse.com/1171252 SUSE Bug 1171252 https://bugzilla.suse.com/1171254 SUSE Bug 1171254 https://bugzilla.suse.com/1172437 SUSE Bug 1172437 https://www.suse.com/security/cve/CVE-2020-10757/ SUSE CVE CVE-2020-10757 page https://www.suse.com/security/cve/CVE-2020-12653/ SUSE CVE CVE-2020-12653 page https://www.suse.com/security/cve/CVE-2020-12654/ SUSE CVE CVE-2020-12654 page https://www.suse.com/security/cve/CVE-2020-1749/ SUSE CVE CVE-2020-1749 page SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3 kgraft-patch-4_4_180-94_116-default-2-2.1 kgraft-patch-4_4_180-94_116-default-2-2.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS kgraft-patch-4_4_180-94_116-default-2-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. CVE-2020-10757 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_116-default-2-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_116-default-2-2.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20201779-1/ https://www.suse.com/security/cve/CVE-2020-10757.html CVE-2020-10757 https://bugzilla.suse.com/1159281 SUSE Bug 1159281 https://bugzilla.suse.com/1172317 SUSE Bug 1172317 https://bugzilla.suse.com/1172437 SUSE Bug 1172437 An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea. CVE-2020-12653 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_116-default-2-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_116-default-2-2.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20201779-1/ https://www.suse.com/security/cve/CVE-2020-12653.html CVE-2020-12653 https://bugzilla.suse.com/1159281 SUSE Bug 1159281 https://bugzilla.suse.com/1171195 SUSE Bug 1171195 https://bugzilla.suse.com/1171254 SUSE Bug 1171254 An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591. CVE-2020-12654 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_116-default-2-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_116-default-2-2.1 important 4.3 AV:A/AC:H/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20201779-1/ https://www.suse.com/security/cve/CVE-2020-12654.html CVE-2020-12654 https://bugzilla.suse.com/1159281 SUSE Bug 1159281 https://bugzilla.suse.com/1171202 SUSE Bug 1171202 https://bugzilla.suse.com/1171252 SUSE Bug 1171252 A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality. CVE-2020-1749 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_116-default-2-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_116-default-2-2.1 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20201779-1/ https://www.suse.com/security/cve/CVE-2020-1749.html CVE-2020-1749 https://bugzilla.suse.com/1165629 SUSE Bug 1165629 https://bugzilla.suse.com/1165631 SUSE Bug 1165631 https://bugzilla.suse.com/1177511 SUSE Bug 1177511 https://bugzilla.suse.com/1177513 SUSE Bug 1177513 https://bugzilla.suse.com/1189302 SUSE Bug 1189302