Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP5) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2020:3210-1 Final 1 1 2020-11-06T14:40:26Z current 2020-11-06T14:40:26Z 2020-11-06T14:40:26Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP5) This update for the Linux Kernel 4.12.14-122_29 fixes several issues. The following security issues were fixed: - CVE-2020-14381: Fixed a use-after-free in the fast user mutex (futex) wait operation, which could have lead to memory corruption and possibly privilege escalation (bsc#1176011). - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c (bsc#1176381). - CVE-2020-14386: Fixed a memory corruption which could have lead to an attacker gaining root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity (bsc#1176069). - CVE-2020-24394: The NFS server code can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support. This occurs because the current umask is not considered (bsc#1175518). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2020-3210,SUSE-SLE-Live-Patching-12-SP4-2020-3210,SUSE-SLE-Live-Patching-12-SP4-2020-3212,SUSE-SLE-Live-Patching-12-SP5-2020-3203,SUSE-SLE-Live-Patching-12-SP5-2020-3223,SUSE-SLE-Live-Patching-12-SP5-2020-3224,SUSE-SLE-Live-Patching-12-SP5-2020-3232 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2020/suse-su-20203210-1/ Link for SUSE-SU-2020:3210-1 https://lists.suse.com/pipermail/sle-security-updates/2020-November/007726.html E-Mail link for SUSE-SU-2020:3210-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1175992 SUSE Bug 1175992 https://bugzilla.suse.com/1176012 SUSE Bug 1176012 https://bugzilla.suse.com/1176072 SUSE Bug 1176072 https://bugzilla.suse.com/1176382 SUSE Bug 1176382 https://www.suse.com/security/cve/CVE-2020-14381/ SUSE CVE CVE-2020-14381 page https://www.suse.com/security/cve/CVE-2020-14386/ SUSE CVE CVE-2020-14386 page https://www.suse.com/security/cve/CVE-2020-24394/ SUSE CVE CVE-2020-24394 page https://www.suse.com/security/cve/CVE-2020-25212/ SUSE CVE CVE-2020-25212 page SUSE Linux Enterprise Live Patching 12 SP4 SUSE Linux Enterprise Live Patching 12 SP5 kgraft-patch-4_12_14-95_57-default-3-2.1 kgraft-patch-4_12_14-95_54-default-3-2.2 kgraft-patch-4_12_14-122_23-default-3-2.2 kgraft-patch-4_12_14-122_32-default-3-2.1 kgraft-patch-4_12_14-122_26-default-3-2.2 kgraft-patch-4_12_14-122_29-default-3-2.1 kgraft-patch-4_12_14-95_57-default-3-2.1 as a component of SUSE Linux Enterprise Live Patching 12 SP4 kgraft-patch-4_12_14-95_54-default-3-2.2 as a component of SUSE Linux Enterprise Live Patching 12 SP4 kgraft-patch-4_12_14-122_23-default-3-2.2 as a component of SUSE Linux Enterprise Live Patching 12 SP5 kgraft-patch-4_12_14-122_32-default-3-2.1 as a component of SUSE Linux Enterprise Live Patching 12 SP5 kgraft-patch-4_12_14-122_26-default-3-2.2 as a component of SUSE Linux Enterprise Live Patching 12 SP5 kgraft-patch-4_12_14-122_29-default-3-2.1 as a component of SUSE Linux Enterprise Live Patching 12 SP5 A flaw was found in the Linux kernel's futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2020-14381 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_54-default-3-2.2 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_57-default-3-2.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_23-default-3-2.2 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_26-default-3-2.2 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_29-default-3-2.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_32-default-3-2.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20203210-1/ https://www.suse.com/security/cve/CVE-2020-14381.html CVE-2020-14381 https://bugzilla.suse.com/1176011 SUSE Bug 1176011 https://bugzilla.suse.com/1176012 SUSE Bug 1176012 A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity. CVE-2020-14386 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_54-default-3-2.2 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_57-default-3-2.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_23-default-3-2.2 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_26-default-3-2.2 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_29-default-3-2.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_32-default-3-2.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20203210-1/ https://www.suse.com/security/cve/CVE-2020-14386.html CVE-2020-14386 https://bugzilla.suse.com/1176069 SUSE Bug 1176069 https://bugzilla.suse.com/1176072 SUSE Bug 1176072 In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered. CVE-2020-24394 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_54-default-3-2.2 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_57-default-3-2.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_23-default-3-2.2 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_26-default-3-2.2 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_29-default-3-2.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_32-default-3-2.1 important 3.6 AV:L/AC:L/Au:N/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20203210-1/ https://www.suse.com/security/cve/CVE-2020-24394.html CVE-2020-24394 https://bugzilla.suse.com/1175518 SUSE Bug 1175518 https://bugzilla.suse.com/1175992 SUSE Bug 1175992 A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452. CVE-2020-25212 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_54-default-3-2.2 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_57-default-3-2.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_23-default-3-2.2 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_26-default-3-2.2 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_29-default-3-2.1 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_32-default-3-2.1 important 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20203210-1/ https://www.suse.com/security/cve/CVE-2020-25212.html CVE-2020-25212 https://bugzilla.suse.com/1176381 SUSE Bug 1176381 https://bugzilla.suse.com/1176382 SUSE Bug 1176382 https://bugzilla.suse.com/1177027 SUSE Bug 1177027