Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-12352 (GCVE-0-2020-12352)
Vulnerability from cvelistv5 – Published: 2020-11-23 16:15 – Updated: 2024-08-04 11:56
VLAI
EPSS
Summary
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
Severity
No CVSS data available.
CWE
- information disclosure
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.intel.com/content/www/us/en/security-… | x_refsource_MISC |
| http://packetstormsecurity.com/files/161229/Kerne… | x_refsource_MISC |
| http://packetstormsecurity.com/files/162131/Linux… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:51.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BlueZ",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-08T15:06:21.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-12352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BlueZ",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351"
},
{
"name": "http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html"
},
{
"name": "http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-12352",
"datePublished": "2020-11-23T16:15:54.000Z",
"dateReserved": "2020-04-28T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:56:51.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-12352",
"date": "2026-05-27",
"epss": "0.02388",
"percentile": "0.85222"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-12352\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2020-11-23T17:15:12.313\",\"lastModified\":\"2024-11-21T04:59:33.537\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.\"},{\"lang\":\"es\",\"value\":\"Un control de acceso inapropiado en BlueZ puede permitir a un usuario no autenticado habilitar potencialmente una divulgaci\u00f3n de informaci\u00f3n por medio de un acceso adyacente\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":3.3,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.5,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-909\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.4\",\"versionEndExcluding\":\"5.4.72\",\"matchCriteriaId\":\"C80C1FD8-F215-4D0F-BEE9-19828D469E40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.8.0\",\"versionEndExcluding\":\"5.8.16\",\"matchCriteriaId\":\"7BDBCEEC-9FE9-443E-9390-A4482628E1A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.9.0\",\"versionEndIncluding\":\"5.9.13\",\"matchCriteriaId\":\"495DCAB3-4E54-4834-B819-24D7DE5080E3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:bluez:bluez:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44048534-EE46-4AEE-B776-33273C37B1E6\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2020-AVI-776
Vulnerability from certfr_avis - Published: 2020-11-26 - Updated: 2020-11-26
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP2-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Realtime 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP3-BCL | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP3-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Realtime 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP2 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP5 | ||
| SUSE | N/A | SUSE Enterprise Storage 5 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP3 | ||
| SUSE | N/A | HPE Helion Openstack 8 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP2-BCL | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP2 | ||
| SUSE | N/A | SUSE OpenStack Cloud 8 | ||
| SUSE | N/A | SUSE OpenStack Cloud 7 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP1 | ||
| SUSE | N/A | SUSE OpenStack Cloud Crowbar 8 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP3 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Realtime 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Realtime 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "HPE Helion Openstack 8",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 8",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-14390",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14390"
},
{
"name": "CVE-2020-28974",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28974"
},
{
"name": "CVE-2020-25285",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25285"
},
{
"name": "CVE-2020-12351",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12351"
},
{
"name": "CVE-2020-25284",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25284"
},
{
"name": "CVE-2020-25704",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25704"
},
{
"name": "CVE-2020-25212",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25212"
},
{
"name": "CVE-2020-0404",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0404"
},
{
"name": "CVE-2020-16120",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16120"
},
{
"name": "CVE-2019-19063",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19063"
},
{
"name": "CVE-2020-26088",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26088"
},
{
"name": "CVE-2020-0430",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0430"
},
{
"name": "CVE-2020-24490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24490"
},
{
"name": "CVE-2020-25705",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25705"
},
{
"name": "CVE-2020-0432",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0432"
},
{
"name": "CVE-2020-12352",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12352"
},
{
"name": "CVE-2020-25656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25656"
},
{
"name": "CVE-2017-18204",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18204"
},
{
"name": "CVE-2020-25668",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25668"
},
{
"name": "CVE-2020-8694",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8694"
},
{
"name": "CVE-2020-14351",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14351"
},
{
"name": "CVE-2020-25643",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25643"
},
{
"name": "CVE-2020-25645",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25645"
},
{
"name": "CVE-2020-25641",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25641"
},
{
"name": "CVE-2020-0427",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0427"
},
{
"name": "CVE-2020-0431",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0431"
},
{
"name": "CVE-2019-6133",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6133"
},
{
"name": "CVE-2020-14381",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14381"
}
],
"initial_release_date": "2020-11-26T00:00:00",
"last_revision_date": "2020-11-26T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-776",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-11-26T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20203512-1 du 25 novembre 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203512-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20203501-1 du 24 novembre 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203501-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20203513-1 du 25 novembre 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203513-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20203503-1 du 24 novembre 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203503-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20203522-1 du 25 novembre 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203522-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20203507-1 du 24 novembre 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203507-1/"
}
]
}
CERTFR-2020-AVI-784
Vulnerability from certfr_avis - Published: 2020-12-01 - Updated: 2020-12-01
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP4-LTSS | ||
| SUSE | N/A | SUSE OpenStack Cloud Crowbar 9 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-ESPOS | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15 | ||
| SUSE | N/A | SUSE OpenStack Cloud 9 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 15 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 15",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-14390",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14390"
},
{
"name": "CVE-2020-25285",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25285"
},
{
"name": "CVE-2020-12351",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12351"
},
{
"name": "CVE-2020-25284",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25284"
},
{
"name": "CVE-2020-25704",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25704"
},
{
"name": "CVE-2020-25212",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25212"
},
{
"name": "CVE-2020-0404",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0404"
},
{
"name": "CVE-2020-16120",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16120"
},
{
"name": "CVE-2020-26088",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26088"
},
{
"name": "CVE-2020-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2521"
},
{
"name": "CVE-2020-0430",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0430"
},
{
"name": "CVE-2020-25705",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25705"
},
{
"name": "CVE-2020-0432",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0432"
},
{
"name": "CVE-2020-12352",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12352"
},
{
"name": "CVE-2020-25656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25656"
},
{
"name": "CVE-2020-25668",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25668"
},
{
"name": "CVE-2020-8694",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8694"
},
{
"name": "CVE-2020-14351",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14351"
},
{
"name": "CVE-2020-25643",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25643"
},
{
"name": "CVE-2020-25645",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25645"
},
{
"name": "CVE-2020-27675",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27675"
},
{
"name": "CVE-2020-25641",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25641"
},
{
"name": "CVE-2020-0427",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0427"
},
{
"name": "CVE-2020-0431",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0431"
},
{
"name": "CVE-2020-27673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27673"
},
{
"name": "CVE-2020-14381",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14381"
}
],
"initial_release_date": "2020-12-01T00:00:00",
"last_revision_date": "2020-12-01T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-784",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-12-01T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et\nun contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20203532-1 du 1 d\u00e9cembre 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203532-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20203544-1 du 1 d\u00e9cembre 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203544-1/"
}
]
}
CERTFR-2020-AVI-786
Vulnerability from certfr_avis - Published: 2020-12-02 - Updated: 2020-12-03
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Ubuntu | Ubuntu | Ubuntu 16.04 LTS (Xenial Xerus) | ||
| Ubuntu | Ubuntu | Ubuntu 14.04 ESM (Trusty Tahr) | ||
| Ubuntu | Ubuntu | Ubuntu 20.04 LTS (Focal Fossa) | ||
| Ubuntu | Ubuntu | Ubuntu 12.04 ESM (Precise Pangolin) | ||
| Ubuntu | Ubuntu | Ubuntu 18.04 LTS (Bionic Beaver) | ||
| Ubuntu | Ubuntu | Ubuntu 20.10 (Groovy Gorilla) | ||
| Ubuntu | Ubuntu | Ubuntu 21.04 (Hirsute Hippo) |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 LTS (Xenial Xerus)",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM (Trusty Tahr)",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS (Focal Fossa)",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 12.04 ESM (Precise Pangolin)",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 LTS (Bionic Beaver)",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.10 (Groovy Gorilla)",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 21.04 (Hirsute Hippo)",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-14390",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14390"
},
{
"name": "CVE-2020-28915",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28915"
},
{
"name": "CVE-2020-27152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27152"
},
{
"name": "CVE-2020-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4788"
},
{
"name": "CVE-2020-25284",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25284"
},
{
"name": "CVE-2020-25705",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25705"
},
{
"name": "CVE-2020-12352",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12352"
},
{
"name": "CVE-2020-25211",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25211"
},
{
"name": "CVE-2020-14351",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14351"
},
{
"name": "CVE-2020-10135",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10135"
},
{
"name": "CVE-2020-25643",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25643"
},
{
"name": "CVE-2020-25645",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25645"
},
{
"name": "CVE-2020-0423",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0423"
},
{
"name": "CVE-2020-0427",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0427"
}
],
"initial_release_date": "2020-12-02T00:00:00",
"last_revision_date": "2020-12-03T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-786",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-12-02T00:00:00.000000"
},
{
"description": "Ajout du bulletin de s\u00e9curit\u00e9 USN-4660-1 du 3 d\u00e9cembre 2020",
"revision_date": "2020-12-03T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service et un contournement\nde la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4658-1 du 2 d\u00e9cembre 2020",
"url": "https://ubuntu.com/security/notices/USN-4658-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4657-1 du 2 d\u00e9cembre 2020",
"url": "https://ubuntu.com/security/notices/USN-4657-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4660-1 du 3 d\u00e9cembre 2020",
"url": "https://ubuntu.com/security/notices/USN-4660-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4659-1 du 2 d\u00e9cembre 2020",
"url": "https://ubuntu.com/security/notices/USN-4659-1"
}
]
}
CERTFR-2024-AVI-1108
Vulnerability from certfr_avis - Published: 2024-12-27 - Updated: 2024-12-27
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 18.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-47748",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47748"
},
{
"name": "CVE-2024-49863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49863"
},
{
"name": "CVE-2024-49907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49907"
},
{
"name": "CVE-2024-46849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46849"
},
{
"name": "CVE-2024-47697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47697"
},
{
"name": "CVE-2024-41016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41016"
},
{
"name": "CVE-2024-49890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49890"
},
{
"name": "CVE-2024-49903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49903"
},
{
"name": "CVE-2024-49969",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49969"
},
{
"name": "CVE-2021-47076",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47076"
},
{
"name": "CVE-2023-52904",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52904"
},
{
"name": "CVE-2023-52532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52532"
},
{
"name": "CVE-2023-52621",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52621"
},
{
"name": "CVE-2024-49856",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49856"
},
{
"name": "CVE-2024-40973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40973"
},
{
"name": "CVE-2024-35951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35951"
},
{
"name": "CVE-2024-49967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49967"
},
{
"name": "CVE-2024-35965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35965"
},
{
"name": "CVE-2024-49858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49858"
},
{
"name": "CVE-2024-42158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42158"
},
{
"name": "CVE-2024-50019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50019"
},
{
"name": "CVE-2024-49948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49948"
},
{
"name": "CVE-2024-35966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35966"
},
{
"name": "CVE-2024-50038",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50038"
},
{
"name": "CVE-2024-49878",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49878"
},
{
"name": "CVE-2024-46855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46855"
},
{
"name": "CVE-2024-49884",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49884"
},
{
"name": "CVE-2020-12351",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12351"
},
{
"name": "CVE-2024-46724",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46724"
},
{
"name": "CVE-2024-47673",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47673"
},
{
"name": "CVE-2024-50024",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50024"
},
{
"name": "CVE-2024-47684",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47684"
},
{
"name": "CVE-2024-49965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49965"
},
{
"name": "CVE-2024-38632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38632"
},
{
"name": "CVE-2024-49852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49852"
},
{
"name": "CVE-2024-47701",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47701"
},
{
"name": "CVE-2024-50191",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50191"
},
{
"name": "CVE-2024-47713",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47713"
},
{
"name": "CVE-2024-49936",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49936"
},
{
"name": "CVE-2024-49871",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49871"
},
{
"name": "CVE-2024-49881",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49881"
},
{
"name": "CVE-2024-47690",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47690"
},
{
"name": "CVE-2024-42068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42068"
},
{
"name": "CVE-2024-49896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49896"
},
{
"name": "CVE-2024-49959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49959"
},
{
"name": "CVE-2024-49913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49913"
},
{
"name": "CVE-2024-47693",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47693"
},
{
"name": "CVE-2024-50045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50045"
},
{
"name": "CVE-2024-49995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49995"
},
{
"name": "CVE-2024-39463",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39463"
},
{
"name": "CVE-2024-49977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49977"
},
{
"name": "CVE-2024-49900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49900"
},
{
"name": "CVE-2024-47679",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47679"
},
{
"name": "CVE-2024-47735",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47735"
},
{
"name": "CVE-2024-49952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49952"
},
{
"name": "CVE-2024-49981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49981"
},
{
"name": "CVE-2024-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53057"
},
{
"name": "CVE-2024-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50181"
},
{
"name": "CVE-2024-42240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42240"
},
{
"name": "CVE-2024-49997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49997"
},
{
"name": "CVE-2024-50002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50002"
},
{
"name": "CVE-2024-50186",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50186"
},
{
"name": "CVE-2024-36952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36952"
},
{
"name": "CVE-2024-50040",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50040"
},
{
"name": "CVE-2024-49983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49983"
},
{
"name": "CVE-2024-49889",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49889"
},
{
"name": "CVE-2024-36938",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36938"
},
{
"name": "CVE-2024-27072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27072"
},
{
"name": "CVE-2024-50013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50013"
},
{
"name": "CVE-2024-49957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49957"
},
{
"name": "CVE-2024-49962",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49962"
},
{
"name": "CVE-2024-46859",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46859"
},
{
"name": "CVE-2024-49958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49958"
},
{
"name": "CVE-2024-47723",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47723"
},
{
"name": "CVE-2024-49955",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49955"
},
{
"name": "CVE-2024-50095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50095"
},
{
"name": "CVE-2024-50006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50006"
},
{
"name": "CVE-2024-47672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47672"
},
{
"name": "CVE-2024-50049",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50049"
},
{
"name": "CVE-2024-50007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50007"
},
{
"name": "CVE-2024-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50096"
},
{
"name": "CVE-2020-24490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24490"
},
{
"name": "CVE-2024-42079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42079"
},
{
"name": "CVE-2024-50189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50189"
},
{
"name": "CVE-2024-49868",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49868"
},
{
"name": "CVE-2024-47699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47699"
},
{
"name": "CVE-2024-50062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50062"
},
{
"name": "CVE-2024-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50059"
},
{
"name": "CVE-2024-50264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50264"
},
{
"name": "CVE-2023-52488",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52488"
},
{
"name": "CVE-2024-47712",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47712"
},
{
"name": "CVE-2024-49963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49963"
},
{
"name": "CVE-2024-49875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49875"
},
{
"name": "CVE-2024-47739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47739"
},
{
"name": "CVE-2024-47705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47705"
},
{
"name": "CVE-2024-50035",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50035"
},
{
"name": "CVE-2024-47740",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47740"
},
{
"name": "CVE-2024-46854",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46854"
},
{
"name": "CVE-2024-49924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49924"
},
{
"name": "CVE-2024-26947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26947"
},
{
"name": "CVE-2024-49938",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49938"
},
{
"name": "CVE-2020-12352",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12352"
},
{
"name": "CVE-2024-47756",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47756"
},
{
"name": "CVE-2024-47737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47737"
},
{
"name": "CVE-2024-49954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49954"
},
{
"name": "CVE-2023-52639",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52639"
},
{
"name": "CVE-2024-50008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50008"
},
{
"name": "CVE-2024-46695",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46695"
},
{
"name": "CVE-2024-50033",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50033"
},
{
"name": "CVE-2024-44942",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44942"
},
{
"name": "CVE-2024-50180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50180"
},
{
"name": "CVE-2024-49866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49866"
},
{
"name": "CVE-2024-49949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49949"
},
{
"name": "CVE-2024-50046",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50046"
},
{
"name": "CVE-2024-49944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49944"
},
{
"name": "CVE-2024-47749",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47749"
},
{
"name": "CVE-2024-49966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49966"
},
{
"name": "CVE-2024-49902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49902"
},
{
"name": "CVE-2024-47757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47757"
},
{
"name": "CVE-2024-47692",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47692"
},
{
"name": "CVE-2023-52498",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52498"
},
{
"name": "CVE-2024-40910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40910"
},
{
"name": "CVE-2024-50184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50184"
},
{
"name": "CVE-2024-38667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38667"
},
{
"name": "CVE-2024-49851",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49851"
},
{
"name": "CVE-2023-52497",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52497"
},
{
"name": "CVE-2024-38553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38553"
},
{
"name": "CVE-2022-48943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48943"
},
{
"name": "CVE-2024-42077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42077"
},
{
"name": "CVE-2024-47734",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47734"
},
{
"name": "CVE-2024-49933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49933"
},
{
"name": "CVE-2024-47685",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47685"
},
{
"name": "CVE-2024-49935",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49935"
},
{
"name": "CVE-2024-49879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49879"
},
{
"name": "CVE-2024-50044",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50044"
},
{
"name": "CVE-2024-49894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49894"
},
{
"name": "CVE-2024-47718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47718"
},
{
"name": "CVE-2024-44940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44940"
},
{
"name": "CVE-2024-49867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49867"
},
{
"name": "CVE-2024-47671",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47671"
},
{
"name": "CVE-2024-49985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49985"
},
{
"name": "CVE-2024-50001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50001"
},
{
"name": "CVE-2024-50000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50000"
},
{
"name": "CVE-2024-47710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47710"
},
{
"name": "CVE-2024-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50093"
},
{
"name": "CVE-2024-49892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49892"
},
{
"name": "CVE-2024-49930",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49930"
},
{
"name": "CVE-2024-43892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43892"
},
{
"name": "CVE-2024-47698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47698"
},
{
"name": "CVE-2022-38096",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38096"
},
{
"name": "CVE-2024-26822",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26822"
},
{
"name": "CVE-2024-49946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49946"
},
{
"name": "CVE-2024-47695",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47695"
},
{
"name": "CVE-2024-50039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50039"
},
{
"name": "CVE-2024-49973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49973"
},
{
"name": "CVE-2024-49883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49883"
},
{
"name": "CVE-2022-48733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48733"
},
{
"name": "CVE-2023-52821",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52821"
},
{
"name": "CVE-2024-35963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35963"
},
{
"name": "CVE-2024-47670",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47670"
},
{
"name": "CVE-2024-50041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50041"
},
{
"name": "CVE-2024-46852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46852"
},
{
"name": "CVE-2024-50003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50003"
},
{
"name": "CVE-2024-49860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49860"
},
{
"name": "CVE-2024-36893",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36893"
},
{
"name": "CVE-2024-44931",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44931"
},
{
"name": "CVE-2024-49927",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49927"
},
{
"name": "CVE-2021-47501",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47501"
},
{
"name": "CVE-2024-49895",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49895"
},
{
"name": "CVE-2024-49882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49882"
},
{
"name": "CVE-2024-50031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50031"
},
{
"name": "CVE-2024-35904",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35904"
},
{
"name": "CVE-2024-49975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49975"
},
{
"name": "CVE-2024-50179",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50179"
},
{
"name": "CVE-2024-47696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47696"
},
{
"name": "CVE-2024-46853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46853"
},
{
"name": "CVE-2024-43904",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43904"
},
{
"name": "CVE-2024-50015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50015"
},
{
"name": "CVE-2024-36968",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36968"
},
{
"name": "CVE-2024-47674",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47674"
},
{
"name": "CVE-2024-50188",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50188"
},
{
"name": "CVE-2023-52917",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52917"
},
{
"name": "CVE-2024-38597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38597"
},
{
"name": "CVE-2024-49982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49982"
},
{
"name": "CVE-2021-47101",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47101"
},
{
"name": "CVE-2024-46865",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46865"
},
{
"name": "CVE-2024-42156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42156"
},
{
"name": "CVE-2024-38544",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38544"
},
{
"name": "CVE-2024-47720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47720"
},
{
"name": "CVE-2024-47742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47742"
},
{
"name": "CVE-2024-47709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47709"
},
{
"name": "CVE-2024-47706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47706"
},
{
"name": "CVE-2024-47747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47747"
},
{
"name": "CVE-2024-49877",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49877"
},
{
"name": "CVE-2024-38538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38538"
},
{
"name": "CVE-2022-48938",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48938"
},
{
"name": "CVE-2021-47001",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47001"
},
{
"name": "CVE-2024-35967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35967"
},
{
"name": "CVE-2024-36953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36953"
},
{
"name": "CVE-2024-46858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46858"
},
{
"name": "CVE-2024-49886",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49886"
},
{
"name": "CVE-2024-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38545"
}
],
"initial_release_date": "2024-12-27T00:00:00",
"last_revision_date": "2024-12-27T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-1108",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-12-27T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2024-12-20",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7166-3",
"url": "https://ubuntu.com/security/notices/USN-7166-3"
},
{
"published_at": "2024-12-20",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7173-2",
"url": "https://ubuntu.com/security/notices/USN-7173-2"
},
{
"published_at": "2024-12-20",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7159-4",
"url": "https://ubuntu.com/security/notices/USN-7159-4"
},
{
"published_at": "2024-12-20",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7179-1",
"url": "https://ubuntu.com/security/notices/USN-7179-1"
}
]
}
CERTFR-2025-AVI-0022
Vulnerability from certfr_avis - Published: 2025-01-10 - Updated: 2025-01-10
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2020-12351",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12351"
},
{
"name": "CVE-2020-24490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24490"
},
{
"name": "CVE-2020-12352",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12352"
},
{
"name": "CVE-2022-38096",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38096"
},
{
"name": "CVE-2022-36402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36402"
},
{
"name": "CVE-2023-6610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6610"
},
{
"name": "CVE-2023-35827",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35827"
},
{
"name": "CVE-2024-25744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25744"
},
{
"name": "CVE-2024-26625",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26625"
},
{
"name": "CVE-2023-52594",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52594"
},
{
"name": "CVE-2021-47076",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47076"
},
{
"name": "CVE-2023-52532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52532"
},
{
"name": "CVE-2024-26607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26607"
},
{
"name": "CVE-2023-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52434"
},
{
"name": "CVE-2021-47101",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47101"
},
{
"name": "CVE-2023-52486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52486"
},
{
"name": "CVE-2023-52509",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52509"
},
{
"name": "CVE-2023-52639",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52639"
},
{
"name": "CVE-2023-52497",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52497"
},
{
"name": "CVE-2023-52507",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52507"
},
{
"name": "CVE-2021-47082",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47082"
},
{
"name": "CVE-2023-52621",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52621"
},
{
"name": "CVE-2024-26800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26800"
},
{
"name": "CVE-2024-26777",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26777"
},
{
"name": "CVE-2021-47118",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47118"
},
{
"name": "CVE-2023-52488",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52488"
},
{
"name": "CVE-2023-52572",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
},
{
"name": "CVE-2021-47001",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47001"
},
{
"name": "CVE-2023-52498",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52498"
},
{
"name": "CVE-2024-26669",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26669"
},
{
"name": "CVE-2024-27072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27072"
},
{
"name": "CVE-2024-26893",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26893"
},
{
"name": "CVE-2024-36941",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36941"
},
{
"name": "CVE-2024-36946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36946"
},
{
"name": "CVE-2024-36953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36953"
},
{
"name": "CVE-2021-47501",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47501"
},
{
"name": "CVE-2023-52757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
},
{
"name": "CVE-2023-52821",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52821"
},
{
"name": "CVE-2024-26822",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26822"
},
{
"name": "CVE-2024-26921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26921"
},
{
"name": "CVE-2024-35847",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35847"
},
{
"name": "CVE-2024-35904",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35904"
},
{
"name": "CVE-2024-35951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35951"
},
{
"name": "CVE-2024-35963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35963"
},
{
"name": "CVE-2024-35965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35965"
},
{
"name": "CVE-2024-35966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35966"
},
{
"name": "CVE-2024-35967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35967"
},
{
"name": "CVE-2024-36893",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36893"
},
{
"name": "CVE-2024-36938",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36938"
},
{
"name": "CVE-2024-36952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36952"
},
{
"name": "CVE-2024-35886",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35886"
},
{
"name": "CVE-2024-36004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36004"
},
{
"name": "CVE-2024-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38633"
},
{
"name": "CVE-2024-26947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26947"
},
{
"name": "CVE-2022-48733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48733"
},
{
"name": "CVE-2024-38544",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38544"
},
{
"name": "CVE-2024-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38545"
},
{
"name": "CVE-2024-38553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38553"
},
{
"name": "CVE-2024-38597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38597"
},
{
"name": "CVE-2024-38619",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38619"
},
{
"name": "CVE-2024-39301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39301"
},
{
"name": "CVE-2024-26661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26661"
},
{
"name": "CVE-2024-36270",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36270"
},
{
"name": "CVE-2024-40910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40910"
},
{
"name": "CVE-2024-40912",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40912"
},
{
"name": "CVE-2024-40915",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40915"
},
{
"name": "CVE-2024-40959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40959"
},
{
"name": "CVE-2024-38602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38602"
},
{
"name": "CVE-2024-38611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38611"
},
{
"name": "CVE-2024-39463",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39463"
},
{
"name": "CVE-2024-36968",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36968"
},
{
"name": "CVE-2024-38538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38538"
},
{
"name": "CVE-2024-38577",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38577"
},
{
"name": "CVE-2024-41011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41011"
},
{
"name": "CVE-2024-39472",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39472"
},
{
"name": "CVE-2023-52751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52751"
},
{
"name": "CVE-2024-41017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41017"
},
{
"name": "CVE-2024-41090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41090"
},
{
"name": "CVE-2024-41091",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41091"
},
{
"name": "CVE-2021-47086",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47086"
},
{
"name": "CVE-2024-41012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41012"
},
{
"name": "CVE-2024-41015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41015"
},
{
"name": "CVE-2024-41016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41016"
},
{
"name": "CVE-2024-41059",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41059"
},
{
"name": "CVE-2024-41060",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41060"
},
{
"name": "CVE-2024-41063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41063"
},
{
"name": "CVE-2024-41064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41064"
},
{
"name": "CVE-2024-41070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41070"
},
{
"name": "CVE-2024-41071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41071"
},
{
"name": "CVE-2024-41072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41072"
},
{
"name": "CVE-2024-41078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41078"
},
{
"name": "CVE-2024-41081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41081"
},
{
"name": "CVE-2024-42079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42079"
},
{
"name": "CVE-2022-48666",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48666"
},
{
"name": "CVE-2024-36484",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36484"
},
{
"name": "CVE-2024-41020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41020"
},
{
"name": "CVE-2024-41022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41022"
},
{
"name": "CVE-2024-41065",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41065"
},
{
"name": "CVE-2024-41068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41068"
},
{
"name": "CVE-2024-41077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41077"
},
{
"name": "CVE-2024-42101",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42101"
},
{
"name": "CVE-2024-42153",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42153"
},
{
"name": "CVE-2024-41073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41073"
},
{
"name": "CVE-2024-38632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38632"
},
{
"name": "CVE-2024-38667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38667"
},
{
"name": "CVE-2024-40973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40973"
},
{
"name": "CVE-2024-42068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42068"
},
{
"name": "CVE-2024-42077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42077"
},
{
"name": "CVE-2024-42090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42090"
},
{
"name": "CVE-2024-42240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42240"
},
{
"name": "CVE-2024-42270",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42270"
},
{
"name": "CVE-2022-48938",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48938"
},
{
"name": "CVE-2022-48943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48943"
},
{
"name": "CVE-2023-52889",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52889"
},
{
"name": "CVE-2023-52904",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52904"
},
{
"name": "CVE-2024-41042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41042"
},
{
"name": "CVE-2024-41098",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41098"
},
{
"name": "CVE-2024-42114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42114"
},
{
"name": "CVE-2024-42126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42126"
},
{
"name": "CVE-2024-42156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42156"
},
{
"name": "CVE-2024-42158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42158"
},
{
"name": "CVE-2024-42246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42246"
},
{
"name": "CVE-2024-42259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42259"
},
{
"name": "CVE-2024-42268",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42268"
},
{
"name": "CVE-2024-42269",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42269"
},
{
"name": "CVE-2024-42271",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42271"
},
{
"name": "CVE-2024-42274",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42274"
},
{
"name": "CVE-2024-42276",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42276"
},
{
"name": "CVE-2024-42277",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42277"
},
{
"name": "CVE-2024-42278",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42278"
},
{
"name": "CVE-2024-42279",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42279"
},
{
"name": "CVE-2024-42280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42280"
},
{
"name": "CVE-2024-42281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42281"
},
{
"name": "CVE-2024-42283",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42283"
},
{
"name": "CVE-2024-42284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42284"
},
{
"name": "CVE-2024-42285",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42285"
},
{
"name": "CVE-2024-42286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42286"
},
{
"name": "CVE-2024-42287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42287"
},
{
"name": "CVE-2024-42288",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42288"
},
{
"name": "CVE-2024-42289",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42289"
},
{
"name": "CVE-2024-42290",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42290"
},
{
"name": "CVE-2024-42291",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42291"
},
{
"name": "CVE-2024-42292",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42292"
},
{
"name": "CVE-2024-42295",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42295"
},
{
"name": "CVE-2024-42298",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42298"
},
{
"name": "CVE-2024-42301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42301"
},
{
"name": "CVE-2024-42302",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42302"
},
{
"name": "CVE-2024-42303",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42303"
},
{
"name": "CVE-2024-42309",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42309"
},
{
"name": "CVE-2024-42310",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42310"
},
{
"name": "CVE-2024-42311",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42311"
},
{
"name": "CVE-2024-42312",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42312"
},
{
"name": "CVE-2024-42313",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42313"
},
{
"name": "CVE-2024-42314",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42314"
},
{
"name": "CVE-2024-42315",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42315"
},
{
"name": "CVE-2024-42316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42316"
},
{
"name": "CVE-2024-42318",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42318"
},
{
"name": "CVE-2024-42319",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42319"
},
{
"name": "CVE-2024-42320",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42320"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2024-43817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43817"
},
{
"name": "CVE-2024-43818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43818"
},
{
"name": "CVE-2024-43819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43819"
},
{
"name": "CVE-2024-43821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43821"
},
{
"name": "CVE-2024-43823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43823"
},
{
"name": "CVE-2024-43824",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43824"
},
{
"name": "CVE-2024-43825",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43825"
},
{
"name": "CVE-2024-43826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43826"
},
{
"name": "CVE-2024-43829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43829"
},
{
"name": "CVE-2024-43830",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43830"
},
{
"name": "CVE-2024-43831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43831"
},
{
"name": "CVE-2024-43833",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43833"
},
{
"name": "CVE-2024-43834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43834"
},
{
"name": "CVE-2024-43837",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43837"
},
{
"name": "CVE-2024-43839",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43839"
},
{
"name": "CVE-2024-43840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43840"
},
{
"name": "CVE-2024-43841",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43841"
},
{
"name": "CVE-2024-43842",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43842"
},
{
"name": "CVE-2024-43846",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43846"
},
{
"name": "CVE-2024-43847",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43847"
},
{
"name": "CVE-2024-43849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43849"
},
{
"name": "CVE-2024-43850",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43850"
},
{
"name": "CVE-2024-43853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43853"
},
{
"name": "CVE-2024-43854",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43854"
},
{
"name": "CVE-2024-43856",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43856"
},
{
"name": "CVE-2024-43858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43858"
},
{
"name": "CVE-2024-43860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43860"
},
{
"name": "CVE-2024-43861",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43861"
},
{
"name": "CVE-2024-43863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43863"
},
{
"name": "CVE-2024-43864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43864"
},
{
"name": "CVE-2024-43866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43866"
},
{
"name": "CVE-2024-43867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43867"
},
{
"name": "CVE-2024-43871",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43871"
},
{
"name": "CVE-2024-43873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43873"
},
{
"name": "CVE-2024-43875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43875"
},
{
"name": "CVE-2024-43876",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43876"
},
{
"name": "CVE-2024-43877",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43877"
},
{
"name": "CVE-2024-43879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43879"
},
{
"name": "CVE-2024-43880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43880"
},
{
"name": "CVE-2024-43881",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43881"
},
{
"name": "CVE-2024-43882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43882"
},
{
"name": "CVE-2024-43883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43883"
},
{
"name": "CVE-2024-43884",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43884"
},
{
"name": "CVE-2024-43889",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43889"
},
{
"name": "CVE-2024-43892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43892"
},
{
"name": "CVE-2024-43893",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43893"
},
{
"name": "CVE-2024-43894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43894"
},
{
"name": "CVE-2024-43895",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43895"
},
{
"name": "CVE-2024-43899",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43899"
},
{
"name": "CVE-2024-43900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43900"
},
{
"name": "CVE-2024-43902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43902"
},
{
"name": "CVE-2024-43904",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43904"
},
{
"name": "CVE-2024-43905",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43905"
},
{
"name": "CVE-2024-43906",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43906"
},
{
"name": "CVE-2024-43907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43907"
},
{
"name": "CVE-2024-43908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43908"
},
{
"name": "CVE-2024-43909",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43909"
},
{
"name": "CVE-2024-43911",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43911"
},
{
"name": "CVE-2024-43912",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43912"
},
{
"name": "CVE-2024-44931",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44931"
},
{
"name": "CVE-2024-44938",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44938"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-44947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44947"
},
{
"name": "CVE-2024-45003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45003"
},
{
"name": "CVE-2024-43835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43835"
},
{
"name": "CVE-2024-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43859"
},
{
"name": "CVE-2024-44940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44940"
},
{
"name": "CVE-2024-44946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44946"
},
{
"name": "CVE-2024-44974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44974"
},
{
"name": "CVE-2024-44977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44977"
},
{
"name": "CVE-2024-44982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44982"
},
{
"name": "CVE-2024-44983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44983"
},
{
"name": "CVE-2024-44985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44985"
},
{
"name": "CVE-2024-44986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44986"
},
{
"name": "CVE-2024-44987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44987"
},
{
"name": "CVE-2024-44988",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44988"
},
{
"name": "CVE-2024-44989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44989"
},
{
"name": "CVE-2024-44990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44990"
},
{
"name": "CVE-2024-44991",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44991"
},
{
"name": "CVE-2024-44995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44995"
},
{
"name": "CVE-2024-44998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44998"
},
{
"name": "CVE-2024-44999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44999"
},
{
"name": "CVE-2024-45000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45000"
},
{
"name": "CVE-2024-45002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45002"
},
{
"name": "CVE-2024-45006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45006"
},
{
"name": "CVE-2024-45007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45007"
},
{
"name": "CVE-2024-45008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45008"
},
{
"name": "CVE-2024-45009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45009"
},
{
"name": "CVE-2024-45010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45010"
},
{
"name": "CVE-2024-45011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45011"
},
{
"name": "CVE-2024-45018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45018"
},
{
"name": "CVE-2024-45019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45019"
},
{
"name": "CVE-2024-45021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45021"
},
{
"name": "CVE-2024-45022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45022"
},
{
"name": "CVE-2024-45025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45025"
},
{
"name": "CVE-2024-45026",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45026"
},
{
"name": "CVE-2024-45028",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45028"
},
{
"name": "CVE-2024-45029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45029"
},
{
"name": "CVE-2024-46673",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46673"
},
{
"name": "CVE-2024-46675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46675"
},
{
"name": "CVE-2024-46676",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46676"
},
{
"name": "CVE-2024-46677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46677"
},
{
"name": "CVE-2024-46679",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46679"
},
{
"name": "CVE-2024-46685",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46685"
},
{
"name": "CVE-2024-46686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46686"
},
{
"name": "CVE-2024-46689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46689"
},
{
"name": "CVE-2024-46694",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46694"
},
{
"name": "CVE-2024-46702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46702"
},
{
"name": "CVE-2024-46707",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46707"
},
{
"name": "CVE-2024-46711",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46711"
},
{
"name": "CVE-2024-46713",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46713"
},
{
"name": "CVE-2024-46714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46714"
},
{
"name": "CVE-2024-46715",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46715"
},
{
"name": "CVE-2024-46716",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46716"
},
{
"name": "CVE-2024-46717",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46717"
},
{
"name": "CVE-2024-46719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46719"
},
{
"name": "CVE-2024-46720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46720"
},
{
"name": "CVE-2024-46721",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46721"
},
{
"name": "CVE-2024-46722",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46722"
},
{
"name": "CVE-2024-46723",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46723"
},
{
"name": "CVE-2024-46724",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46724"
},
{
"name": "CVE-2024-46725",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46725"
},
{
"name": "CVE-2024-46726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46726"
},
{
"name": "CVE-2024-46731",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46731"
},
{
"name": "CVE-2024-46732",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46732"
},
{
"name": "CVE-2024-46735",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46735"
},
{
"name": "CVE-2024-46737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46737"
},
{
"name": "CVE-2024-46738",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46738"
},
{
"name": "CVE-2024-46739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46739"
},
{
"name": "CVE-2024-46740",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46740"
},
{
"name": "CVE-2024-46743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46743"
},
{
"name": "CVE-2024-46744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46744"
},
{
"name": "CVE-2024-46745",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46745"
},
{
"name": "CVE-2024-46746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46746"
},
{
"name": "CVE-2024-46747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46747"
},
{
"name": "CVE-2024-46750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46750"
},
{
"name": "CVE-2024-46752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46752"
},
{
"name": "CVE-2024-46755",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46755"
},
{
"name": "CVE-2024-46756",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46756"
},
{
"name": "CVE-2024-46757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46757"
},
{
"name": "CVE-2024-46758",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46758"
},
{
"name": "CVE-2024-46759",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46759"
},
{
"name": "CVE-2024-46761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46761"
},
{
"name": "CVE-2024-46763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46763"
},
{
"name": "CVE-2024-46770",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46770"
},
{
"name": "CVE-2024-46771",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46771"
},
{
"name": "CVE-2024-46773",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46773"
},
{
"name": "CVE-2024-46777",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46777"
},
{
"name": "CVE-2024-46780",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46780"
},
{
"name": "CVE-2024-46781",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46781"
},
{
"name": "CVE-2024-46782",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46782"
},
{
"name": "CVE-2024-46783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46783"
},
{
"name": "CVE-2024-46784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46784"
},
{
"name": "CVE-2024-46791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46791"
},
{
"name": "CVE-2024-46794",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46794"
},
{
"name": "CVE-2024-46795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46795"
},
{
"name": "CVE-2024-46798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46798"
},
{
"name": "CVE-2024-46800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46800"
},
{
"name": "CVE-2024-46802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46802"
},
{
"name": "CVE-2024-46804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46804"
},
{
"name": "CVE-2024-46805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46805"
},
{
"name": "CVE-2024-46807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46807"
},
{
"name": "CVE-2024-46810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46810"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2024-46814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46814"
},
{
"name": "CVE-2024-46815",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46815"
},
{
"name": "CVE-2024-46817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46817"
},
{
"name": "CVE-2024-46818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46818"
},
{
"name": "CVE-2024-46819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46819"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2024-46822",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46822"
},
{
"name": "CVE-2024-46826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46826"
},
{
"name": "CVE-2024-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46828"
},
{
"name": "CVE-2024-46829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46829"
},
{
"name": "CVE-2024-46830",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46830"
},
{
"name": "CVE-2024-46832",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46832"
},
{
"name": "CVE-2024-46835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46835"
},
{
"name": "CVE-2024-46836",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46836"
},
{
"name": "CVE-2024-46840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46840"
},
{
"name": "CVE-2024-46844",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46844"
},
{
"name": "CVE-2024-46846",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46846"
},
{
"name": "CVE-2024-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46848"
},
{
"name": "CVE-2024-46849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46849"
},
{
"name": "CVE-2024-46852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46852"
},
{
"name": "CVE-2024-46853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46853"
},
{
"name": "CVE-2024-46854",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46854"
},
{
"name": "CVE-2024-46855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46855"
},
{
"name": "CVE-2024-46857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46857"
},
{
"name": "CVE-2024-46858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46858"
},
{
"name": "CVE-2024-46859",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46859"
},
{
"name": "CVE-2024-46865",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46865"
},
{
"name": "CVE-2024-42272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42272"
},
{
"name": "CVE-2024-42297",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42297"
},
{
"name": "CVE-2024-42265",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42265"
},
{
"name": "CVE-2024-42294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42294"
},
{
"name": "CVE-2024-42304",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42304"
},
{
"name": "CVE-2024-42305",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42305"
},
{
"name": "CVE-2024-42306",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42306"
},
{
"name": "CVE-2024-43828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43828"
},
{
"name": "CVE-2024-43832",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43832"
},
{
"name": "CVE-2024-43845",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43845"
},
{
"name": "CVE-2024-43870",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43870"
},
{
"name": "CVE-2024-43886",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43886"
},
{
"name": "CVE-2024-43890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43890"
},
{
"name": "CVE-2024-43914",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43914"
},
{
"name": "CVE-2024-44935",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44935"
},
{
"name": "CVE-2024-44944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44944"
},
{
"name": "CVE-2024-44948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44948"
},
{
"name": "CVE-2024-44950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44950"
},
{
"name": "CVE-2024-44954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44954"
},
{
"name": "CVE-2024-44960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44960"
},
{
"name": "CVE-2024-44961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44961"
},
{
"name": "CVE-2024-44962",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44962"
},
{
"name": "CVE-2024-44965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44965"
},
{
"name": "CVE-2024-44967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44967"
},
{
"name": "CVE-2024-44969",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44969"
},
{
"name": "CVE-2024-44970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44970"
},
{
"name": "CVE-2024-44971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44971"
},
{
"name": "CVE-2024-44972",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44972"
},
{
"name": "CVE-2024-44984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44984"
},
{
"name": "CVE-2024-45001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45001"
},
{
"name": "CVE-2024-45005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45005"
},
{
"name": "CVE-2024-45012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45012"
},
{
"name": "CVE-2024-45013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45013"
},
{
"name": "CVE-2024-45015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45015"
},
{
"name": "CVE-2024-45017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45017"
},
{
"name": "CVE-2024-45020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45020"
},
{
"name": "CVE-2024-45030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45030"
},
{
"name": "CVE-2024-46672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46672"
},
{
"name": "CVE-2024-46678",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46678"
},
{
"name": "CVE-2024-46687",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46687"
},
{
"name": "CVE-2024-46691",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46691"
},
{
"name": "CVE-2024-46692",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46692"
},
{
"name": "CVE-2024-46693",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46693"
},
{
"name": "CVE-2024-46695",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46695"
},
{
"name": "CVE-2024-46706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46706"
},
{
"name": "CVE-2024-46709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46709"
},
{
"name": "CVE-2024-46710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46710"
},
{
"name": "CVE-2024-46727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46727"
},
{
"name": "CVE-2024-46728",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46728"
},
{
"name": "CVE-2024-46729",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46729"
},
{
"name": "CVE-2024-46730",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46730"
},
{
"name": "CVE-2024-46741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46741"
},
{
"name": "CVE-2024-46749",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46749"
},
{
"name": "CVE-2024-46751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2024-46760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46760"
},
{
"name": "CVE-2024-46767",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46767"
},
{
"name": "CVE-2024-46772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46772"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2024-46775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46775"
},
{
"name": "CVE-2024-46776",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46776"
},
{
"name": "CVE-2024-46778",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46778"
},
{
"name": "CVE-2024-46786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46786"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2024-46797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46797"
},
{
"name": "CVE-2024-47668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47668"
},
{
"name": "CVE-2023-52918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52918"
},
{
"name": "CVE-2024-41019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41019"
},
{
"name": "CVE-2024-47659",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47659"
},
{
"name": "CVE-2024-47663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47663"
},
{
"name": "CVE-2024-47667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47667"
},
{
"name": "CVE-2024-47669",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47669"
},
{
"name": "CVE-2024-42258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42258"
},
{
"name": "CVE-2024-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43857"
},
{
"name": "CVE-2023-52917",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52917"
},
{
"name": "CVE-2024-46754",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46754"
},
{
"name": "CVE-2024-46766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46766"
},
{
"name": "CVE-2024-46803",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46803"
},
{
"name": "CVE-2024-46806",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46806"
},
{
"name": "CVE-2024-46809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46809"
},
{
"name": "CVE-2024-46811",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46811"
},
{
"name": "CVE-2024-46813",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46813"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2024-46825",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46825"
},
{
"name": "CVE-2024-46827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46827"
},
{
"name": "CVE-2024-46831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46831"
},
{
"name": "CVE-2024-46834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46834"
},
{
"name": "CVE-2024-46841",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46841"
},
{
"name": "CVE-2024-46842",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46842"
},
{
"name": "CVE-2024-46843",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46843"
},
{
"name": "CVE-2024-46851",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46851"
},
{
"name": "CVE-2024-46860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46860"
},
{
"name": "CVE-2024-46861",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46861"
},
{
"name": "CVE-2024-46864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46864"
},
{
"name": "CVE-2024-46870",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46870"
},
{
"name": "CVE-2024-46871",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46871"
},
{
"name": "CVE-2024-47658",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47658"
},
{
"name": "CVE-2024-47661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47661"
},
{
"name": "CVE-2024-42267",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42267"
},
{
"name": "CVE-2024-42296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42296"
},
{
"name": "CVE-2024-42299",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42299"
},
{
"name": "CVE-2024-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43869"
},
{
"name": "CVE-2024-44934",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44934"
},
{
"name": "CVE-2024-44958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44958"
},
{
"name": "CVE-2024-44966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44966"
},
{
"name": "CVE-2024-47660",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47660"
},
{
"name": "CVE-2024-47665",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47665"
},
{
"name": "CVE-2024-47662",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47662"
},
{
"name": "CVE-2024-47664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47664"
},
{
"name": "CVE-2024-47670",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47670"
},
{
"name": "CVE-2024-47671",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47671"
},
{
"name": "CVE-2024-47672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47672"
},
{
"name": "CVE-2024-47673",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47673"
},
{
"name": "CVE-2024-47674",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47674"
},
{
"name": "CVE-2024-47684",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47684"
},
{
"name": "CVE-2024-47685",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47685"
},
{
"name": "CVE-2024-47692",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47692"
},
{
"name": "CVE-2024-47693",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47693"
},
{
"name": "CVE-2024-47695",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47695"
},
{
"name": "CVE-2024-47696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47696"
},
{
"name": "CVE-2024-47697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47697"
},
{
"name": "CVE-2024-47698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47698"
},
{
"name": "CVE-2024-47699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47699"
},
{
"name": "CVE-2024-47705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47705"
},
{
"name": "CVE-2024-47706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47706"
},
{
"name": "CVE-2024-47709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47709"
},
{
"name": "CVE-2024-47710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47710"
},
{
"name": "CVE-2024-47712",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47712"
},
{
"name": "CVE-2024-47713",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47713"
},
{
"name": "CVE-2024-47715",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47715"
},
{
"name": "CVE-2024-47718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47718"
},
{
"name": "CVE-2024-47720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47720"
},
{
"name": "CVE-2024-47723",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47723"
},
{
"name": "CVE-2024-47735",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47735"
},
{
"name": "CVE-2024-47737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47737"
},
{
"name": "CVE-2024-47739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47739"
},
{
"name": "CVE-2024-47742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47742"
},
{
"name": "CVE-2024-47747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47747"
},
{
"name": "CVE-2024-47748",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47748"
},
{
"name": "CVE-2024-47749",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47749"
},
{
"name": "CVE-2024-47756",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47756"
},
{
"name": "CVE-2024-47757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47757"
},
{
"name": "CVE-2024-49851",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49851"
},
{
"name": "CVE-2024-49852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49852"
},
{
"name": "CVE-2024-49858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49858"
},
{
"name": "CVE-2024-49860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49860"
},
{
"name": "CVE-2024-49863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49863"
},
{
"name": "CVE-2024-49866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49866"
},
{
"name": "CVE-2024-49867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49867"
},
{
"name": "CVE-2024-49871",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49871"
},
{
"name": "CVE-2024-49875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49875"
},
{
"name": "CVE-2024-49877",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49877"
},
{
"name": "CVE-2024-49878",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49878"
},
{
"name": "CVE-2024-49879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49879"
},
{
"name": "CVE-2024-49881",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49881"
},
{
"name": "CVE-2024-49882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49882"
},
{
"name": "CVE-2024-49883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49883"
},
{
"name": "CVE-2024-49886",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49886"
},
{
"name": "CVE-2024-49890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49890"
},
{
"name": "CVE-2024-49892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49892"
},
{
"name": "CVE-2024-49894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49894"
},
{
"name": "CVE-2024-49895",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49895"
},
{
"name": "CVE-2024-49896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49896"
},
{
"name": "CVE-2024-49900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49900"
},
{
"name": "CVE-2024-49902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49902"
},
{
"name": "CVE-2024-49903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49903"
},
{
"name": "CVE-2024-49907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49907"
},
{
"name": "CVE-2024-49913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49913"
},
{
"name": "CVE-2024-49930",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49930"
},
{
"name": "CVE-2024-49933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49933"
},
{
"name": "CVE-2024-49935",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49935"
},
{
"name": "CVE-2024-49936",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49936"
},
{
"name": "CVE-2024-49938",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49938"
},
{
"name": "CVE-2024-49946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49946"
},
{
"name": "CVE-2024-49949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49949"
},
{
"name": "CVE-2024-49954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49954"
},
{
"name": "CVE-2024-49955",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49955"
},
{
"name": "CVE-2024-49957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49957"
},
{
"name": "CVE-2024-49958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49958"
},
{
"name": "CVE-2024-49959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49959"
},
{
"name": "CVE-2024-49962",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49962"
},
{
"name": "CVE-2024-49963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49963"
},
{
"name": "CVE-2024-49965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49965"
},
{
"name": "CVE-2024-49966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49966"
},
{
"name": "CVE-2024-49967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49967"
},
{
"name": "CVE-2024-49969",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49969"
},
{
"name": "CVE-2024-49973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49973"
},
{
"name": "CVE-2024-49975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49975"
},
{
"name": "CVE-2024-49981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49981"
},
{
"name": "CVE-2024-49982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49982"
},
{
"name": "CVE-2024-49985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49985"
},
{
"name": "CVE-2024-49995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49995"
},
{
"name": "CVE-2024-50000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50000"
},
{
"name": "CVE-2024-50001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50001"
},
{
"name": "CVE-2024-50002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50002"
},
{
"name": "CVE-2024-50006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50006"
},
{
"name": "CVE-2024-50007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50007"
},
{
"name": "CVE-2024-50008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50008"
},
{
"name": "CVE-2024-50013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50013"
},
{
"name": "CVE-2024-50015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50015"
},
{
"name": "CVE-2024-50019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50019"
},
{
"name": "CVE-2024-50024",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50024"
},
{
"name": "CVE-2024-50031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50031"
},
{
"name": "CVE-2024-50033",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50033"
},
{
"name": "CVE-2024-50035",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50035"
},
{
"name": "CVE-2024-50040",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50040"
},
{
"name": "CVE-2024-50041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50041"
},
{
"name": "CVE-2024-50044",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50044"
},
{
"name": "CVE-2024-50045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50045"
},
{
"name": "CVE-2024-50046",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50046"
},
{
"name": "CVE-2024-50049",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50049"
},
{
"name": "CVE-2024-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50059"
},
{
"name": "CVE-2024-50062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50062"
},
{
"name": "CVE-2024-46824",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46824"
},
{
"name": "CVE-2024-44942",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44942"
},
{
"name": "CVE-2024-43868",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43868"
},
{
"name": "CVE-2024-50264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50264"
},
{
"name": "CVE-2024-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53057"
},
{
"name": "CVE-2024-42260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42260"
},
{
"name": "CVE-2024-42261",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42261"
},
{
"name": "CVE-2024-42262",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42262"
},
{
"name": "CVE-2024-42263",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42263"
},
{
"name": "CVE-2024-42264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42264"
},
{
"name": "CVE-2024-42273",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42273"
},
{
"name": "CVE-2024-42307",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42307"
},
{
"name": "CVE-2024-42317",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42317"
},
{
"name": "CVE-2024-42321",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42321"
},
{
"name": "CVE-2024-43820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43820"
},
{
"name": "CVE-2024-43827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43827"
},
{
"name": "CVE-2024-43843",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43843"
},
{
"name": "CVE-2024-43852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43852"
},
{
"name": "CVE-2024-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43887"
},
{
"name": "CVE-2024-43888",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43888"
},
{
"name": "CVE-2024-43891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43891"
},
{
"name": "CVE-2024-43910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43910"
},
{
"name": "CVE-2024-43913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43913"
},
{
"name": "CVE-2024-44937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44937"
},
{
"name": "CVE-2024-44941",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44941"
},
{
"name": "CVE-2024-44943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44943"
},
{
"name": "CVE-2024-44953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44953"
},
{
"name": "CVE-2024-44956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44956"
},
{
"name": "CVE-2024-44957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44957"
},
{
"name": "CVE-2024-44959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44959"
},
{
"name": "CVE-2024-44963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44963"
},
{
"name": "CVE-2024-44973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44973"
},
{
"name": "CVE-2024-44975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44975"
},
{
"name": "CVE-2024-44978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44978"
},
{
"name": "CVE-2024-44979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44979"
},
{
"name": "CVE-2024-44980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44980"
},
{
"name": "CVE-2024-44993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44993"
},
{
"name": "CVE-2024-44996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44996"
},
{
"name": "CVE-2024-45027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45027"
},
{
"name": "CVE-2024-46680",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46680"
},
{
"name": "CVE-2024-46681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46681"
},
{
"name": "CVE-2024-46683",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46683"
},
{
"name": "CVE-2024-46697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46697"
},
{
"name": "CVE-2024-46698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46698"
},
{
"name": "CVE-2024-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46701"
},
{
"name": "CVE-2024-46703",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46703"
},
{
"name": "CVE-2024-46705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46705"
},
{
"name": "CVE-2024-46708",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46708"
},
{
"name": "CVE-2024-46718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46718"
},
{
"name": "CVE-2024-46733",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46733"
},
{
"name": "CVE-2024-46762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46762"
},
{
"name": "CVE-2024-46765",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46765"
},
{
"name": "CVE-2024-46768",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46768"
},
{
"name": "CVE-2024-46779",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46779"
},
{
"name": "CVE-2024-46785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46785"
},
{
"name": "CVE-2024-46788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46788"
},
{
"name": "CVE-2024-46792",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46792"
},
{
"name": "CVE-2024-46793",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46793"
},
{
"name": "CVE-2024-46808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46808"
},
{
"name": "CVE-2024-46823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46823"
},
{
"name": "CVE-2024-46838",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46838"
},
{
"name": "CVE-2024-46845",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46845"
},
{
"name": "CVE-2024-46847",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46847"
},
{
"name": "CVE-2024-46850",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46850"
},
{
"name": "CVE-2024-46866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46866"
},
{
"name": "CVE-2024-46867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46867"
},
{
"name": "CVE-2024-46868",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46868"
},
{
"name": "CVE-2024-47666",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47666"
},
{
"name": "CVE-2024-47683",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47683"
},
{
"name": "CVE-2024-49984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49984"
},
{
"name": "CVE-2024-47679",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47679"
},
{
"name": "CVE-2024-47690",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47690"
},
{
"name": "CVE-2024-47701",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47701"
},
{
"name": "CVE-2024-47734",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47734"
},
{
"name": "CVE-2024-47740",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47740"
},
{
"name": "CVE-2024-49856",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49856"
},
{
"name": "CVE-2024-49868",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49868"
},
{
"name": "CVE-2024-49884",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49884"
},
{
"name": "CVE-2024-49889",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49889"
},
{
"name": "CVE-2024-49924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49924"
},
{
"name": "CVE-2024-49927",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49927"
},
{
"name": "CVE-2024-49944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49944"
},
{
"name": "CVE-2024-49948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49948"
},
{
"name": "CVE-2024-49952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49952"
},
{
"name": "CVE-2024-49977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49977"
},
{
"name": "CVE-2024-49983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49983"
},
{
"name": "CVE-2024-49997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49997"
},
{
"name": "CVE-2024-50003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50003"
},
{
"name": "CVE-2024-50038",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50038"
},
{
"name": "CVE-2024-50039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50039"
},
{
"name": "CVE-2024-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50093"
},
{
"name": "CVE-2024-50095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50095"
},
{
"name": "CVE-2024-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50096"
},
{
"name": "CVE-2024-50179",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50179"
},
{
"name": "CVE-2024-50180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50180"
},
{
"name": "CVE-2024-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50181"
},
{
"name": "CVE-2024-50184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50184"
},
{
"name": "CVE-2024-50186",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50186"
},
{
"name": "CVE-2024-50188",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50188"
},
{
"name": "CVE-2024-50189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50189"
},
{
"name": "CVE-2024-50191",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50191"
},
{
"name": "CVE-2024-50011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50011"
}
],
"initial_release_date": "2025-01-10T00:00:00",
"last_revision_date": "2025-01-10T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0022",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2025-01-06",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7186-1",
"url": "https://ubuntu.com/security/notices/USN-7186-1"
},
{
"published_at": "2025-01-07",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7179-3",
"url": "https://ubuntu.com/security/notices/USN-7179-3"
},
{
"published_at": "2025-01-06",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7154-2",
"url": "https://ubuntu.com/security/notices/USN-7154-2"
},
{
"published_at": "2025-01-06",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7184-1",
"url": "https://ubuntu.com/security/notices/USN-7184-1"
},
{
"published_at": "2025-01-09",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7185-2",
"url": "https://ubuntu.com/security/notices/USN-7185-2"
},
{
"published_at": "2025-01-06",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7183-1",
"url": "https://ubuntu.com/security/notices/USN-7183-1"
},
{
"published_at": "2025-01-06",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7187-1",
"url": "https://ubuntu.com/security/notices/USN-7187-1"
},
{
"published_at": "2025-01-09",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7194-1",
"url": "https://ubuntu.com/security/notices/USN-7194-1"
},
{
"published_at": "2025-01-06",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7185-1",
"url": "https://ubuntu.com/security/notices/USN-7185-1"
},
{
"published_at": "2025-01-07",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7167-2",
"url": "https://ubuntu.com/security/notices/USN-7167-2"
},
{
"published_at": "2025-01-06",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7159-5",
"url": "https://ubuntu.com/security/notices/USN-7159-5"
},
{
"published_at": "2025-01-09",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7195-1",
"url": "https://ubuntu.com/security/notices/USN-7195-1"
},
{
"published_at": "2025-01-09",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7169-4",
"url": "https://ubuntu.com/security/notices/USN-7169-4"
},
{
"published_at": "2025-01-09",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7186-2",
"url": "https://ubuntu.com/security/notices/USN-7186-2"
},
{
"published_at": "2025-01-09",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7196-1",
"url": "https://ubuntu.com/security/notices/USN-7196-1"
},
{
"published_at": "2025-01-06",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7179-2",
"url": "https://ubuntu.com/security/notices/USN-7179-2"
},
{
"published_at": "2025-01-07",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7169-3",
"url": "https://ubuntu.com/security/notices/USN-7169-3"
}
]
}
CERTFR-2025-AVI-0087
Vulnerability from certfr_avis - Published: 2025-01-31 - Updated: 2025-01-31
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-43914",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43914"
},
{
"name": "CVE-2024-26595",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26595"
},
{
"name": "CVE-2024-40973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40973"
},
{
"name": "CVE-2024-35965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35965"
},
{
"name": "CVE-2024-35966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35966"
},
{
"name": "CVE-2023-21400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21400"
},
{
"name": "CVE-2020-12351",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12351"
},
{
"name": "CVE-2024-47715",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47715"
},
{
"name": "CVE-2024-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53057"
},
{
"name": "CVE-2024-53103",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53103"
},
{
"name": "CVE-2024-26929",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26929"
},
{
"name": "CVE-2020-24490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24490"
},
{
"name": "CVE-2024-50264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50264"
},
{
"name": "CVE-2024-53164",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53164"
},
{
"name": "CVE-2024-41066",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41066"
},
{
"name": "CVE-2020-12352",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12352"
},
{
"name": "CVE-2024-41012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41012"
},
{
"name": "CVE-2024-26663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26663"
},
{
"name": "CVE-2024-53141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53141"
},
{
"name": "CVE-2024-40910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40910"
},
{
"name": "CVE-2024-38553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38553"
},
{
"name": "CVE-2024-26822",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26822"
},
{
"name": "CVE-2024-42311",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42311"
},
{
"name": "CVE-2024-35963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35963"
},
{
"name": "CVE-2024-42252",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42252"
},
{
"name": "CVE-2024-40967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40967"
},
{
"name": "CVE-2024-40982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40982"
},
{
"name": "CVE-2024-38661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38661"
},
{
"name": "CVE-2024-43904",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43904"
},
{
"name": "CVE-2024-38597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38597"
},
{
"name": "CVE-2024-41020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41020"
},
{
"name": "CVE-2024-35967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35967"
}
],
"initial_release_date": "2025-01-31T00:00:00",
"last_revision_date": "2025-01-31T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0087",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-31T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2025-01-30",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7235-2",
"url": "https://ubuntu.com/security/notices/USN-7235-2"
},
{
"published_at": "2025-01-29",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7236-2",
"url": "https://ubuntu.com/security/notices/USN-7236-2"
},
{
"published_at": "2025-01-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7234-1",
"url": "https://ubuntu.com/security/notices/USN-7234-1"
},
{
"published_at": "2025-01-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7236-1",
"url": "https://ubuntu.com/security/notices/USN-7236-1"
},
{
"published_at": "2025-01-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7235-1",
"url": "https://ubuntu.com/security/notices/USN-7235-1"
},
{
"published_at": "2025-01-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7233-1",
"url": "https://ubuntu.com/security/notices/USN-7233-1"
},
{
"published_at": "2025-01-30",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7238-2",
"url": "https://ubuntu.com/security/notices/USN-7238-2"
},
{
"published_at": "2025-01-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7237-1",
"url": "https://ubuntu.com/security/notices/USN-7237-1"
},
{
"published_at": "2025-01-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7238-1",
"url": "https://ubuntu.com/security/notices/USN-7238-1"
},
{
"published_at": "2025-01-27",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7179-4",
"url": "https://ubuntu.com/security/notices/USN-7179-4"
},
{
"published_at": "2025-01-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7232-1",
"url": "https://ubuntu.com/security/notices/USN-7232-1"
},
{
"published_at": "2025-01-30",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7233-2",
"url": "https://ubuntu.com/security/notices/USN-7233-2"
},
{
"published_at": "2025-01-30",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7234-2",
"url": "https://ubuntu.com/security/notices/USN-7234-2"
}
]
}
FKIE_CVE-2020-12352
Vulnerability from fkie_nvd - Published: 2020-11-23 17:15 - Updated: 2024-11-21 04:59
Severity
Summary
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
References
| URL | Tags | ||
|---|---|---|---|
| secure@intel.com | http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html | Exploit, Third Party Advisory, VDB Entry | |
| secure@intel.com | http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html | Third Party Advisory, VDB Entry | |
| secure@intel.com | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| bluez | bluez | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C80C1FD8-F215-4D0F-BEE9-19828D469E40",
"versionEndExcluding": "5.4.72",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDBCEEC-9FE9-443E-9390-A4482628E1A2",
"versionEndExcluding": "5.8.16",
"versionStartIncluding": "5.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "495DCAB3-4E54-4834-B819-24D7DE5080E3",
"versionEndIncluding": "5.9.13",
"versionStartIncluding": "5.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bluez:bluez:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44048534-EE46-4AEE-B776-33273C37B1E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access."
},
{
"lang": "es",
"value": "Un control de acceso inapropiado en BlueZ puede permitir a un usuario no autenticado habilitar potencialmente una divulgaci\u00f3n de informaci\u00f3n por medio de un acceso adyacente"
}
],
"id": "CVE-2020-12352",
"lastModified": "2024-11-21T04:59:33.537",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-23T17:15:12.313",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-909"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2020-12352
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-12352",
"description": "Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.",
"id": "GSD-2020-12352",
"references": [
"https://www.suse.com/security/cve/CVE-2020-12352.html",
"https://www.debian.org/security/2020/dsa-4774",
"https://access.redhat.com/errata/RHSA-2020:4991",
"https://access.redhat.com/errata/RHSA-2020:4990",
"https://access.redhat.com/errata/RHSA-2020:4289",
"https://access.redhat.com/errata/RHSA-2020:4288",
"https://access.redhat.com/errata/RHSA-2020:4287",
"https://access.redhat.com/errata/RHSA-2020:4286",
"https://access.redhat.com/errata/RHSA-2020:4281",
"https://access.redhat.com/errata/RHSA-2020:4280",
"https://access.redhat.com/errata/RHSA-2020:4279",
"https://access.redhat.com/errata/RHSA-2020:4278",
"https://access.redhat.com/errata/RHSA-2020:4277",
"https://access.redhat.com/errata/RHSA-2020:4276",
"https://ubuntu.com/security/CVE-2020-12352",
"https://advisories.mageia.org/CVE-2020-12352.html",
"https://security.archlinux.org/CVE-2020-12352",
"https://alas.aws.amazon.com/cve/html/CVE-2020-12352.html",
"https://linux.oracle.com/cve/CVE-2020-12352.html",
"https://packetstormsecurity.com/files/cve/CVE-2020-12352"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-12352"
],
"details": "Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.",
"id": "GSD-2020-12352",
"modified": "2023-12-13T01:21:49.479866Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-12352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BlueZ",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351"
},
{
"name": "http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html"
},
{
"name": "http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.4.72",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.8.16",
"versionStartIncluding": "5.8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.9.13",
"versionStartIncluding": "5.9.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:bluez:bluez:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-12352"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": []
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351"
},
{
"name": "http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html"
},
{
"name": "http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-08-12T18:28Z",
"publishedDate": "2020-11-23T17:15Z"
}
}
}
OPENSUSE-SU-2020:1682-1
Vulnerability from csaf_opensuse - Published: 2020-10-17 08:06 - Updated: 2020-10-17 08:06Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-12351: A type confusion while processing AMP packets could be used by physical close attackers to crash the kernel or potentially execute code was fixed (bsc#1177724).
- CVE-2020-12352: A stack information leak when handling certain AMP packets could be used by physical close attackers to leak information from the kernel was fixed (bsc#1177725).
- CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452 (bnc#1176381).
- CVE-2020-25645: Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality (bnc#1177511).
The following non-security bugs were fixed:
- 59c7c3caaaf8 ('nvme: fix possible hang when ns scanning fails during error recovery')
- NFS: On fatal writeback errors, we need to call nfs_inode_remove_request() (bsc#1177340).
- NFS: Revalidate the file mapping on all fatal writeback errors (bsc#1177340).
- drm/sun4i: mixer: Extend regmap max_register (git-fixes).
- ea43d9709f72 ('nvme: fix identify error status silent ignore')
- i2c: meson: fix clock setting overwrite (git-fixes).
- iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400).
- mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes).
- macsec: avoid use-after-free in macsec_handle_frame() (git-fixes).
- mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() (bsc#1177685).
- mmc: core: do not set limits.discard_granularity as 0 (git-fixes).
- nvme-multipath: do not reset on unknown status (bsc#1174748).
- nvme-rdma: Avoid double freeing of async event data (bsc#1174748).
- nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1174748).
- nvme: Namepace identification descriptor list is optional (bsc#1174748).
- nvme: add a Identify Namespace Identification Descriptor list quirk (bsc#1174748).
- nvme: fix deadlock caused by ANA update wrong locking (bsc#1174748).
- nvme: fix possible io failures when removing multipathed ns (bsc#1174748).
- nvme: make nvme_identify_ns propagate errors back (bsc#1174748).
- nvme: make nvme_report_ns_ids propagate error back (bsc#1174748).
- nvme: pass status to nvme_error_status (bsc#1174748).
- nvme: return error from nvme_alloc_ns() (bsc#1174748).
- powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729).
- scsi: hisi_sas: Add debugfs ITCT file and add file operations (bsc#1140683).
- scsi: hisi_sas: Add manual trigger for debugfs dump (bsc#1140683).
- scsi: hisi_sas: Add missing seq_printf() call in hisi_sas_show_row_32() (bsc#1140683).
- scsi: hisi_sas: Change return variable type in phy_up_v3_hw() (bsc#1140683).
- scsi: hisi_sas: Correct memory allocation size for DQ debugfs (bsc#1140683).
- scsi: hisi_sas: Do some more tidy-up (bsc#1140683).
- scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO (bsc#1140683).
- scsi: hisi_sas: Fix type casting and missing static qualifier in debugfs code (bsc#1140683). Refresh:
- scsi: hisi_sas: No need to check return value of debugfs_create functions (bsc#1140683). Update:
- scsi: hisi_sas: Some misc tidy-up (bsc#1140683).
- scsi: qla2xxx: Add IOCB resource tracking (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Add SLER and PI control support (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Add rport fields in debugfs (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Fix MPI reset needed message (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Fix memory size truncation (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Fix reset of MPI firmware (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Performance tweak (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1176946 bsc#1175520 bsc#1172538).
- scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1176946 bsc#1175520 bsc#1172538).
Patchnames: openSUSE-2020-1682
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
35 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://bugzilla.suse.com/1065729 | self |
| https://bugzilla.suse.com/1140683 | self |
| https://bugzilla.suse.com/1172538 | self |
| https://bugzilla.suse.com/1174748 | self |
| https://bugzilla.suse.com/1175520 | self |
| https://bugzilla.suse.com/1176381 | self |
| https://bugzilla.suse.com/1176400 | self |
| https://bugzilla.suse.com/1176946 | self |
| https://bugzilla.suse.com/1177340 | self |
| https://bugzilla.suse.com/1177511 | self |
| https://bugzilla.suse.com/1177685 | self |
| https://bugzilla.suse.com/1177724 | self |
| https://bugzilla.suse.com/1177725 | self |
| https://www.suse.com/security/cve/CVE-2020-12351/ | self |
| https://www.suse.com/security/cve/CVE-2020-12352/ | self |
| https://www.suse.com/security/cve/CVE-2020-25212/ | self |
| https://www.suse.com/security/cve/CVE-2020-25645/ | self |
| https://www.suse.com/security/cve/CVE-2020-12351 | external |
| https://bugzilla.suse.com/1177724 | external |
| https://bugzilla.suse.com/1177729 | external |
| https://bugzilla.suse.com/1178397 | external |
| https://www.suse.com/security/cve/CVE-2020-12352 | external |
| https://bugzilla.suse.com/1177725 | external |
| https://bugzilla.suse.com/1178398 | external |
| https://www.suse.com/security/cve/CVE-2020-25212 | external |
| https://bugzilla.suse.com/1176381 | external |
| https://bugzilla.suse.com/1176382 | external |
| https://bugzilla.suse.com/1177027 | external |
| https://www.suse.com/security/cve/CVE-2020-25645 | external |
| https://bugzilla.suse.com/1177511 | external |
| https://bugzilla.suse.com/1177513 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2020-12351: A type confusion while processing AMP packets could be used by physical close attackers to crash the kernel or potentially execute code was fixed (bsc#1177724).\n- CVE-2020-12352: A stack information leak when handling certain AMP packets could be used by physical close attackers to leak information from the kernel was fixed (bsc#1177725).\n- CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452 (bnc#1176381).\n- CVE-2020-25645: Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality (bnc#1177511).\n\nThe following non-security bugs were fixed:\n\n- 59c7c3caaaf8 (\u0027nvme: fix possible hang when ns scanning fails during error recovery\u0027)\n- NFS: On fatal writeback errors, we need to call nfs_inode_remove_request() (bsc#1177340).\n- NFS: Revalidate the file mapping on all fatal writeback errors (bsc#1177340).\n- drm/sun4i: mixer: Extend regmap max_register (git-fixes).\n- ea43d9709f72 (\u0027nvme: fix identify error status silent ignore\u0027)\n- i2c: meson: fix clock setting overwrite (git-fixes).\n- iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400).\n- mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes).\n- macsec: avoid use-after-free in macsec_handle_frame() (git-fixes).\n- mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() (bsc#1177685).\n- mmc: core: do not set limits.discard_granularity as 0 (git-fixes).\n- nvme-multipath: do not reset on unknown status (bsc#1174748).\n- nvme-rdma: Avoid double freeing of async event data (bsc#1174748).\n- nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1174748).\n- nvme: Namepace identification descriptor list is optional (bsc#1174748).\n- nvme: add a Identify Namespace Identification Descriptor list quirk (bsc#1174748).\n- nvme: fix deadlock caused by ANA update wrong locking (bsc#1174748).\n- nvme: fix possible io failures when removing multipathed ns (bsc#1174748).\n- nvme: make nvme_identify_ns propagate errors back (bsc#1174748).\n- nvme: make nvme_report_ns_ids propagate error back (bsc#1174748).\n- nvme: pass status to nvme_error_status (bsc#1174748).\n- nvme: return error from nvme_alloc_ns() (bsc#1174748).\n- powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729).\n- scsi: hisi_sas: Add debugfs ITCT file and add file operations (bsc#1140683).\n- scsi: hisi_sas: Add manual trigger for debugfs dump (bsc#1140683).\n- scsi: hisi_sas: Add missing seq_printf() call in hisi_sas_show_row_32() (bsc#1140683).\n- scsi: hisi_sas: Change return variable type in phy_up_v3_hw() (bsc#1140683).\n- scsi: hisi_sas: Correct memory allocation size for DQ debugfs (bsc#1140683).\n- scsi: hisi_sas: Do some more tidy-up (bsc#1140683).\n- scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO (bsc#1140683).\n- scsi: hisi_sas: Fix type casting and missing static qualifier in debugfs code (bsc#1140683). Refresh:\n- scsi: hisi_sas: No need to check return value of debugfs_create functions (bsc#1140683). Update:\n- scsi: hisi_sas: Some misc tidy-up (bsc#1140683).\n- scsi: qla2xxx: Add IOCB resource tracking (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Add SLER and PI control support (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Add rport fields in debugfs (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Fix MPI reset needed message (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Fix memory size truncation (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Fix reset of MPI firmware (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Performance tweak (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Remove unneeded variable \u0027rval\u0027 (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1176946 bsc#1175520 bsc#1172538).\n- scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1176946 bsc#1175520 bsc#1172538).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-1682",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1682-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:1682-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/P7AP5V2WMODZLL2BP3KNT37XWNT7K5NX/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:1682-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/P7AP5V2WMODZLL2BP3KNT37XWNT7K5NX/"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1140683",
"url": "https://bugzilla.suse.com/1140683"
},
{
"category": "self",
"summary": "SUSE Bug 1172538",
"url": "https://bugzilla.suse.com/1172538"
},
{
"category": "self",
"summary": "SUSE Bug 1174748",
"url": "https://bugzilla.suse.com/1174748"
},
{
"category": "self",
"summary": "SUSE Bug 1175520",
"url": "https://bugzilla.suse.com/1175520"
},
{
"category": "self",
"summary": "SUSE Bug 1176381",
"url": "https://bugzilla.suse.com/1176381"
},
{
"category": "self",
"summary": "SUSE Bug 1176400",
"url": "https://bugzilla.suse.com/1176400"
},
{
"category": "self",
"summary": "SUSE Bug 1176946",
"url": "https://bugzilla.suse.com/1176946"
},
{
"category": "self",
"summary": "SUSE Bug 1177340",
"url": "https://bugzilla.suse.com/1177340"
},
{
"category": "self",
"summary": "SUSE Bug 1177511",
"url": "https://bugzilla.suse.com/1177511"
},
{
"category": "self",
"summary": "SUSE Bug 1177685",
"url": "https://bugzilla.suse.com/1177685"
},
{
"category": "self",
"summary": "SUSE Bug 1177724",
"url": "https://bugzilla.suse.com/1177724"
},
{
"category": "self",
"summary": "SUSE Bug 1177725",
"url": "https://bugzilla.suse.com/1177725"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12351 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12352 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25212 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25645 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25645/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2020-10-17T08:06:42Z",
"generator": {
"date": "2020-10-17T08:06:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:1682-1",
"initial_release_date": "2020-10-17T08:06:42Z",
"revision_history": [
{
"date": "2020-10-17T08:06:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-lp151.28.75.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-lp151.28.75.1.noarch",
"product_id": "kernel-devel-4.12.14-lp151.28.75.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-lp151.28.75.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-lp151.28.75.1.noarch",
"product_id": "kernel-docs-4.12.14-lp151.28.75.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"product_id": "kernel-docs-html-4.12.14-lp151.28.75.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-lp151.28.75.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-lp151.28.75.1.noarch",
"product_id": "kernel-macros-4.12.14-lp151.28.75.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-lp151.28.75.1.noarch",
"product": {
"name": "kernel-source-4.12.14-lp151.28.75.1.noarch",
"product_id": "kernel-source-4.12.14-lp151.28.75.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-debug-4.12.14-lp151.28.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-lp151.28.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-default-4.12.14-lp151.28.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-default-base-4.12.14-lp151.28.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-lp151.28.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-lp151.28.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-syms-4.12.14-lp151.28.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-lp151.28.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-base-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-lp151.28.75.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-lp151.28.75.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-lp151.28.75.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-lp151.28.75.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-4.12.14-lp151.28.75.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch"
},
"product_reference": "kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-lp151.28.75.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-lp151.28.75.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-lp151.28.75.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch"
},
"product_reference": "kernel-source-4.12.14-lp151.28.75.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch"
},
"product_reference": "kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64"
},
"product_reference": "kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-12351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12351"
}
],
"notes": [
{
"category": "general",
"text": "Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12351",
"url": "https://www.suse.com/security/cve/CVE-2020-12351"
},
{
"category": "external",
"summary": "SUSE Bug 1177724 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1177724"
},
{
"category": "external",
"summary": "SUSE Bug 1177729 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1177729"
},
{
"category": "external",
"summary": "SUSE Bug 1178397 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1178397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-17T08:06:42Z",
"details": "important"
}
],
"title": "CVE-2020-12351"
},
{
"cve": "CVE-2020-12352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12352"
}
],
"notes": [
{
"category": "general",
"text": "Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12352",
"url": "https://www.suse.com/security/cve/CVE-2020-12352"
},
{
"category": "external",
"summary": "SUSE Bug 1177725 for CVE-2020-12352",
"url": "https://bugzilla.suse.com/1177725"
},
{
"category": "external",
"summary": "SUSE Bug 1178398 for CVE-2020-12352",
"url": "https://bugzilla.suse.com/1178398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-17T08:06:42Z",
"details": "moderate"
}
],
"title": "CVE-2020-12352"
},
{
"cve": "CVE-2020-25212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25212"
}
],
"notes": [
{
"category": "general",
"text": "A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25212",
"url": "https://www.suse.com/security/cve/CVE-2020-25212"
},
{
"category": "external",
"summary": "SUSE Bug 1176381 for CVE-2020-25212",
"url": "https://bugzilla.suse.com/1176381"
},
{
"category": "external",
"summary": "SUSE Bug 1176382 for CVE-2020-25212",
"url": "https://bugzilla.suse.com/1176382"
},
{
"category": "external",
"summary": "SUSE Bug 1177027 for CVE-2020-25212",
"url": "https://bugzilla.suse.com/1177027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-17T08:06:42Z",
"details": "important"
}
],
"title": "CVE-2020-25212"
},
{
"cve": "CVE-2020-25645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25645"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25645",
"url": "https://www.suse.com/security/cve/CVE-2020-25645"
},
{
"category": "external",
"summary": "SUSE Bug 1177511 for CVE-2020-25645",
"url": "https://bugzilla.suse.com/1177511"
},
{
"category": "external",
"summary": "SUSE Bug 1177513 for CVE-2020-25645",
"url": "https://bugzilla.suse.com/1177513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.75.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.75.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.75.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-17T08:06:42Z",
"details": "important"
}
],
"title": "CVE-2020-25645"
}
]
}
OPENSUSE-SU-2020:1698-1
Vulnerability from csaf_opensuse - Published: 2020-10-19 16:23 - Updated: 2020-10-19 16:23Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' (bsc#1177724).
- CVE-2020-24490: Fixed a heap buffer overflow when processing extended advertising report events aka 'BleedingTooth' aka 'BadVibes' (bsc#1177726).
- CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka 'BleedingTooth' aka 'BadChoice' (bsc#1177725).
- CVE-2020-25212: A TOCTOU mismatch in the NFS client code in the Linux kernel could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452 (bnc#1176381).
- CVE-2020-25645: Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality (bnc#1177511).
- CVE-2020-25643: Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability (bnc#1177206).
- CVE-2020-25641: A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allowed a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability (bnc#1177121).
The following non-security bugs were fixed:
- 9p: Fix memory leak in v9fs_mount (git-fixes).
- ACPI: EC: Reference count query handlers under lock (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 (git-fixes).
- ASoC: img-i2s-out: Fix runtime PM imbalance on error (git-fixes).
- ASoC: kirkwood: fix IRQ error handling (git-fixes).
- ASoC: wm8994: Ensure the device is resumed in wm89xx_mic_detect functions (git-fixes).
- ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for WM1811 (git-fixes).
- Bluetooth: Fix refcount use-after-free issue (git-fixes).
- Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes).
- Bluetooth: L2CAP: handle l2cap config request during open state (git-fixes).
- Bluetooth: guard against controllers sending zero'd events (git-fixes).
- Bluetooth: prefetch channel before killing sock (git-fixes).
- Btrfs: fix crash during unmount due to race with delayed inode workers (bsc#1176019).
- Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 (bsc#954532).
- Input: trackpoint - enable Synaptics trackpoints (git-fixes).
- Move upstreamed intel-vbtn patch into sorted section
- NFS: Do not move layouts to plh_return_segs list while in use (git-fixes).
- NFS: Do not return layout segments that are in use (git-fixes).
- NFS: Fix flexfiles read failover (git-fixes).
- NFSv4.2: fix client's attribute cache management for copy_file_range (git-fixes).
- PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979).
- PCI: Avoid double hpmemsize MMIO window assignment (git-fixes).
- PCI: tegra194: Fix runtime PM imbalance on error (git-fixes).
- PCI: tegra: Fix runtime PM imbalance on error (git-fixes).
- Platform: OLPC: Fix memleak in olpc_ec_probe (git-fixes).
- RDMA/hfi1: Correct an interlock issue for TID RDMA WRITE request (bsc#1175621).
- Refresh patches.suse/fnic-to-not-call-scsi_done-for-unhandled-commands.patch (bsc#1168468, bsc#1171675).
- SUNRPC: Revert 241b1f419f0e ('SUNRPC: Remove xdr_buf_trim()') (git-fixes).
- USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() (git-fixes).
- USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int (git-fixes).
- USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes).
- Update patches.suse/target-add-rbd-backend.patch: (). (simplify block to byte calculations and use consistent error paths)
- Update config files. Enable ACPI_PCI_SLOT and HOTPLUG_PCI_ACPI (bsc#1177194).
- airo: Fix read overflows sending packets (git-fixes).
- ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes).
- arm64: Enable PCI write-combine resources under sysfs (bsc#1175807).
- ata: ahci: mvebu: Make SATA PHY optional for Armada 3720 (git-fixes).
- ath10k: fix array out-of-bounds access (git-fixes).
- ath10k: fix memory leak for tpc_stats_final (git-fixes).
- ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read (git-fixes).
- brcmfmac: Fix double freeing in the fmac usb data path (git-fixes).
- btrfs: block-group: do not set the wrong READA flag for btrfs_read_block_groups() (bsc#1176019).
- btrfs: block-group: fix free-space bitmap threshold (bsc#1176019).
- btrfs: block-group: refactor how we delete one block group item (bsc#1176019).
- btrfs: block-group: refactor how we insert a block group item (bsc#1176019).
- btrfs: block-group: refactor how we read one block group item (bsc#1176019).
- btrfs: block-group: rename write_one_cache_group() (bsc#1176019).
- btrfs: check the right error variable in btrfs_del_dir_entries_in_log (bsc#1177687).
- btrfs: do not set the full sync flag on the inode during page release (bsc#1177687).
- btrfs: do not take an extra root ref at allocation time (bsc#1176019).
- btrfs: drop logs when we've aborted a transaction (bsc#1176019).
- btrfs: fix a race between scrub and block group removal/allocation (bsc#1176019).
- btrfs: fix race between page release and a fast fsync (bsc#1177687).
- btrfs: free block groups after free'ing fs trees (bsc#1176019).
- btrfs: hold a ref on the root on the dead roots list (bsc#1176019).
- btrfs: kill the subvol_srcu (bsc#1176019).
- btrfs: make btrfs_cleanup_fs_roots use the radix tree lock (bsc#1176019).
- btrfs: make inodes hold a ref on their roots (bsc#1176019).
- btrfs: make the extent buffer leak check per fs info (bsc#1176019).
- btrfs: move ino_cache_inode dropping out of btrfs_free_fs_root (bsc#1176019).
- btrfs: move the block group freeze/unfreeze helpers into block-group.c (bsc#1176019).
- btrfs: move the root freeing stuff into btrfs_put_root (bsc#1176019).
- btrfs: only commit delayed items at fsync if we are logging a directory (bsc#1177687).
- btrfs: only commit the delayed inode when doing a full fsync (bsc#1177687).
- btrfs: reduce contention on log trees when logging checksums (bsc#1177687).
- btrfs: release old extent maps during page release (bsc#1177687).
- btrfs: remove no longer necessary chunk mutex locking cases (bsc#1176019).
- btrfs: remove no longer needed use of log_writers for the log root tree (bsc#1177687).
- btrfs: rename member 'trimming' of block group to a more generic name (bsc#1176019).
- btrfs: scrub, only lookup for csums if we are dealing with a data extent (bsc#1176019).
- btrfs: stop incremening log_batch for the log root tree when syncing log (bsc#1177687).
- bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal (git-fixes).
- clk/ti/adpll: allocate room for terminating null (git-fixes).
- clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED (git-fixes).
- clk: socfpga: stratix10: fix the divider for the emac_ptp_free_clk (git-fixes).
- clk: tegra: Always program PLL_E when enabled (git-fixes).
- clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() (git-fixes).
- clocksource/drivers/timer-gx6605s: Fixup counter reload (git-fixes).
- cpuidle: Poll for a minimum of 30ns and poll for a tick if lower c-states are disabled (bnc#1176588).
- create Storage / NVMe subsection
- crypto: algif_aead - Do not set MAY_BACKLOG on the async path (git-fixes).
- crypto: algif_skcipher - EBUSY on aio should be an error (git-fixes).
- crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes).
- crypto: dh - SP800-56A rev 3 local public key validation (bsc#1175718).
- crypto: dh - check validity of Z before export (bsc#1175718).
- crypto: ecc - SP800-56A rev 3 local public key validation (bsc#1175718).
- crypto: ecdh - check validity of Z before export (bsc#1175718).
- crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call (git-fixes).
- crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc() (git-fixes).
- crypto: omap-sham - fix digcnt register handling with export/import (git-fixes).
- crypto: picoxcell - Fix potential race condition bug (git-fixes).
- crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA (git-fixes).
- cypto: mediatek - fix leaks in mtk_desc_ring_alloc (git-fixes).
- dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) (git-fixes).
- dmaengine: mediatek: hsdma_probe: fixed a memory leak when devm_request_irq fails (git-fixes).
- dmaengine: stm32-dma: use vchan_terminate_vdesc() in .terminate_all (git-fixes).
- dmaengine: stm32-mdma: use vchan_terminate_vdesc() in .terminate_all (git-fixes).
- dmaengine: tegra-apb: Prevent race conditions on channel's freeing (git-fixes).
- dmaengine: zynqmp_dma: fix burst length configuration (git-fixes).
- drivers: char: tlclk.c: Avoid data race between init and interrupt handler (git-fixes).
- drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config (git-fixes).
- drm/radeon: revert 'Prefer lower feedback dividers' (bsc#1177384).
- drop Storage / bsc#1171688 subsection No effect on expanded tree.
- e1000: Do not perform reset in reset_task if we are already down (git-fixes).
- ftrace: Move RCU is watching check after recursion check (git-fixes).
- fuse: do not ignore errors from fuse_writepages_fill() (bsc#1177193).
- gpio: mockup: fix resource leak in error path (git-fixes).
- gpio: rcar: Fix runtime PM imbalance on error (git-fixes).
- gpio: siox: explicitly support only threaded irqs (git-fixes).
- gpio: sprd: Clear interrupt when setting the type as edge (git-fixes).
- gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes).
- hwmon: (applesmc) check status earlier (git-fixes).
- hwmon: (mlxreg-fan) Fix double 'Mellanox' (git-fixes).
- hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61} (git-fixes).
- i2c: aspeed: Mask IRQ status to relevant bits (git-fixes).
- i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() (git-fixes).
- i2c: cpm: Fix i2c_ram structure (git-fixes).
- i2c: i801: Exclude device from suspend direct complete optimization (git-fixes).
- i2c: meson: fix clock setting overwrite (git-fixes).
- i2c: meson: fixup rate calculation with filter delay (git-fixes).
- i2c: owl: Clear NACK and BUS error bits (git-fixes).
- i2c: tegra: Prevent interrupt triggering after transfer timeout (git-fixes).
- i2c: tegra: Restore pinmux on system resume (git-fixes).
- ieee802154/adf7242: check status of adf7242_read_reg (git-fixes).
- ieee802154: fix one possible memleak in ca8210_dev_com_init (git-fixes).
- iio: adc: qcom-spmi-adc5: fix driver name (git-fixes).
- ima: extend boot_aggregate with kernel measurements (bsc#1177617).
- iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#1177297).
- iommu/amd: Fix potential @entry null deref (bsc#1177283).
- iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177284).
- iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (bsc#1177285).
- iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate() (bsc#1177286).
- iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400).
- kABI: Fix kABI for 12856e7acde4 PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979).
- kabi fix for NFS: Fix flexfiles read failover (git-fixes).
- kabi/severities: ignore kABI for target_core_rbd Match behaviour for all other Ceph specific modules.
- kernel-binary.spec.in: Exclude .config.old from kernel-devel - use tar excludes for .kernel-binary.spec.buildenv
- kernel-binary.spec.in: Package the obj_install_dir as explicit filelist.
- leds: mlxreg: Fix possible buffer overflow (git-fixes).
- lib/mpi: Add mpi_sub_ui() (bsc#1175718).
- libceph-add-support-for-CMPEXT-compare-extent-reques.patch: (bsc#1177090).
- locking/rwsem: Disable reader optimistic spinning (bnc#1176588).
- mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes).
- mac80211: skip mpath lookup also for control port tx (git-fixes).
- mac802154: tx: fix use-after-free (git-fixes).
- macsec: avoid use-after-free in macsec_handle_frame() (git-fixes).
- media: Revert 'media: exynos4-is: Add missed check for pinctrl_lookup_state()' (git-fixes).
- media: camss: Fix a reference count leak (git-fixes).
- media: m5mols: Check function pointer in m5mols_sensor_power (git-fixes).
- media: mc-device.c: fix memleak in media_device_register_entity (git-fixes).
- media: mx2_emmaprp: Fix memleak in emmaprp_probe (git-fixes).
- media: omap3isp: Fix memleak in isp_probe (git-fixes).
- media: ov5640: Correct Bit Div register in clock tree diagram (git-fixes).
- media: platform: fcp: Fix a reference count leak (git-fixes).
- media: rc: do not access device via sysfs after rc_unregister_device() (git-fixes).
- media: rc: uevent sysfs file races with rc_unregister_device() (git-fixes).
- media: rcar-csi2: Allocate v4l2_async_subdev dynamically (git-fixes).
- media: rcar-vin: Fix a reference count leak (git-fixes).
- media: rockchip/rga: Fix a reference count leak (git-fixes).
- media: s5p-mfc: Fix a reference count leak (git-fixes).
- media: smiapp: Fix error handling at NVM reading (git-fixes).
- media: staging/intel-ipu3: css: Correctly reset some memory (git-fixes).
- media: stm32-dcmi: Fix a reference count leak (git-fixes).
- media: tc358743: cleanup tc358743_cec_isr (git-fixes).
- media: tc358743: initialize variable (git-fixes).
- media: ti-vpe: Fix a missing check and reference count leak (git-fixes).
- media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes).
- media: tuner-simple: fix regression in simple_set_radio_freq (git-fixes).
- media: usbtv: Fix refcounting mixup (git-fixes).
- media: uvcvideo: Set media controller entity functions (git-fixes).
- media: uvcvideo: Silence shift-out-of-bounds warning (git-fixes).
- media: v4l2-async: Document asd allocation requirements (git-fixes).
- mfd: mfd-core: Protect against NULL call-back function pointer (git-fixes).
- mm, compaction: fully assume capture is not NULL in compact_zone_order() (git fixes (mm/compaction), bsc#1177681).
- mm, compaction: make capture control handling safe wrt interrupts (git fixes (mm/compaction), bsc#1177681).
- mm, slab/slub: move and improve cache_from_obj() (mm/slub bsc#1165692).
- mm, slab/slub: improve error reporting and overhead of cache_from_obj() (mm/slub bsc#1165692).
- mm, slub: extend checks guarded by slub_debug static key (mm/slub bsc#1165692).
- mm, slub: extend slub_debug syntax for multiple blocks (mm/slub bsc#1165692).
- mm, slub: introduce kmem_cache_debug_flags() (mm/slub bsc#1165692).
- mm, slub: introduce static key for slub_debug() (mm/slub bsc#1165692).
- mm, slub: make reclaim_account attribute read-only (mm/slub bsc#1165692).
- mm, slub: make remaining slub_debug related attributes read-only (mm/slub bsc#1165692).
- mm, slub: make some slub_debug related attributes read-only (mm/slub bsc#1165692).
- mm, slub: remove runtime allocation order changes (mm/slub bsc#1165692).
- mm, slub: restore initial kmem_cache flags (mm/slub bsc#1165692).
- mm/debug.c: always print flags in dump_page() (git fixes (mm/debug)).
- mm/memcontrol.c: lost css_put in memcg_expand_shrinker_maps() (bsc#1177694).
- mm/migrate.c: also overwrite error when it is bigger than zero (git fixes (mm/move_pages), bsc#1177683).
- mm/pagealloc.c: call touch_nmi_watchdog() on max order boundaries in deferred init (git fixes (mm/init), bsc#1177697).
- mm: call cond_resched() from deferred_init_memmap() (git fixes (mm/init), bsc#1177697).
- mm: initialize deferred pages with interrupts enabled (git fixes (mm/init), bsc#1177697).
- mm: move_pages: report the number of non-attempted pages (git fixes (mm/move_pages), bsc#1177683).
- mm: move_pages: return valid node id in status if the page is already on the target node (git fixes (mm/move_pages), bsc#1177683).
- mmc: core: Rework wp-gpio handling (git-fixes).
- mmc: core: do not set limits.discard_granularity as 0 (git-fixes).
- mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN (git-fixes).
- mmc: sdhci: Add LTR support for some Intel BYT based controllers (git-fixes).
- mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models (git-fixes).
- mt76: add missing locking around ampdu action (git-fixes).
- mt76: clear skb pointers from rx aggregation reorder buffer during cleanup (git-fixes).
- mt76: do not use devm API for led classdev (git-fixes).
- mt76: fix LED link time failure (git-fixes).
- mt76: fix handling full tx queues in mt76_dma_tx_queue_skb_raw (git-fixes).
- mtd: cfi_cmdset_0002: do not free cfi->cfiq in error path of cfi_amdstd_setup() (git-fixes).
- mtd: rawnand: gpmi: Fix runtime PM imbalance on error (git-fixes).
- mtd: rawnand: omap_elm: Fix runtime PM imbalance on error (git-fixes).
- net: phy: realtek: fix rtl8211e rx/tx delay config (git-fixes).
- nfs: Fix security label length not being reset (bsc#1176381).
- nfs: ensure correct writeback errors are returned on close() (git-fixes).
- nfs: nfs_file_write() should check for writeback errors (git-fixes).
- nfsd4: fix NULL dereference in nfsd/clients display code (git-fixes).
- nvme-multipath: retry commands for dying queues (bsc#1171688).
- pNFS/flexfiles: Ensure we initialise the mirror bsizes correctly on read (git-fixes).
- phy: ti: am654: Fix a leak in serdes_am654_probe() (git-fixes).
- pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB (git-fixes).
- pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes).
- platform/x86: fix kconfig dependency warning for FUJITSU_LAPTOP (git-fixes).
- platform/x86: fix kconfig dependency warning for LG_LAPTOP (git-fixes).
- platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE reporting (bsc#1175599).
- platform/x86: intel_pmc_core: do not create a static struct device (git-fixes).
- platform/x86: thinkpad_acpi: initialize tp_nvram_state variable (git-fixes).
- platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse (git-fixes).
- power: supply: max17040: Correct voltage reading (git-fixes).
- powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729).
- qla2xxx: Return EBUSY on fcport deletion (bsc#1171688).
- r8169: fix data corruption issue on RTL8402 (bsc#1174098).
- rbd-add-rbd_img_fill_cmp_and_write_from_bvecs.patch: (bsc#1177090).
- rbd-add-support-for-COMPARE_AND_WRITE-CMPEXT.patch: (bsc#1177090).
- regulator: axp20x: fix LDO2/4 description (git-fixes).
- regulator: resolve supply after creating regulator (git-fixes).
- rename Other drivers / Intel IOMMU subsection to IOMMU
- rtc: ds1374: fix possible race condition (git-fixes).
- rtc: sa1100: fix possible race condition (git-fixes).
- s390/pci: Mark all VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979).
- sched/fair: Ignore cache hotness for SMT migration (bnc#1155798 (CPU scheduler functional and performance backports)).
- sched/fair: Use dst group while checking imbalance for NUMA balancer (bnc#1155798 (CPU scheduler functional and performance backports)).
- sched/numa: Avoid creating large imbalances at task creation time (bnc#1176588).
- sched/numa: Check numa balancing information only when enabled (bnc#1176588).
- sched/numa: Use runnable_avg to classify node (bnc#1155798 (CPU scheduler functional and performance backports)).
- scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling getpeername() (bsc#1177258).
- scsi: qla2xxx: Add IOCB resource tracking (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Add SLER and PI control support (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Add rport fields in debugfs (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix MPI reset needed message (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix memory size truncation (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix reset of MPI firmware (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Performance tweak (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1171688 bsc#1174003).
- serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout (git-fixes).
- serial: 8250_omap: Fix sleeping function called from invalid context during probe (git-fixes).
- serial: 8250_port: Do not service RX FIFO if throttled (git-fixes).
- serial: uartps: Wait for tx_empty in console setup (git-fixes).
- spi: dw-pci: free previously allocated IRQs if desc->setup() fails (git-fixes).
- spi: fsl-espi: Only process interrupts for expected events (git-fixes).
- spi: omap2-mcspi: Improve performance waiting for CHSTAT (git-fixes).
- spi: sprd: Release DMA channel also on probe deferral (git-fixes).
- spi: stm32: Rate-limit the 'Communication suspended' message (git-fixes).
- staging:r8188eu: avoid skb_clone for amsdu to msdu conversion (git-fixes).
- svcrdma: Fix page leak in svc_rdma_recv_read_chunk() (git-fixes).
- target-compare-and-write-backend-driver-sense-handli.patch: (bsc#1177719).
- target-rbd-add-WRITE-SAME-support.patch: (bsc#1177090).
- target-rbd-add-emulate_legacy_capacity-dev-attribute.patch: (bsc#1177109).
- target-rbd-conditionally-fix-off-by-one-bug-in-get_b.patch: (bsc#1177109).
- target-rbd-detect-stripe_unit-SCSI-block-size-misali.patch: (bsc#1177090).
- target-rbd-fix-unmap-discard-block-size-conversion.patch: (bsc#1177271).
- target-rbd-fix-unmap-handling-with-unmap_zeroes_data.patch: (bsc#1177271).
- target-rbd-support-COMPARE_AND_WRITE.patch: (bsc#1177090).
- thermal: rcar_thermal: Handle probe error gracefully (git-fixes).
- usb: dwc3: Increase timeout for CmdAct cleared by device controller (git-fixes).
- vfio/pci: Decouple PCI_COMMAND_MEMORY bit checks from is_virtfn (bsc#1176979).
- virtio-net: do not disable guest csum when disable LRO (git-fixes).
- vmxnet3: fix cksum offload issues for non-udp tunnels (git-fixes).
- wlcore: fix runtime pm imbalance in wl1271_tx_work (git-fixes).
- wlcore: fix runtime pm imbalance in wlcore_regdomain_config (git-fixes).
- x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels (bsc#1176907).
- xen/events: do not use chip_data for legacy IRQs (bsc#1065600).
- xprtrdma: fix incorrect header size calculations (git-fixes).
- yam: fix possible memory leak in yam_init_driver (git-fixes).
Patchnames: openSUSE-2020-1698
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
79 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://bugzilla.suse.com/1065600 | self |
| https://bugzilla.suse.com/1065729 | self |
| https://bugzilla.suse.com/1155798 | self |
| https://bugzilla.suse.com/1165692 | self |
| https://bugzilla.suse.com/1168468 | self |
| https://bugzilla.suse.com/1171675 | self |
| https://bugzilla.suse.com/1171688 | self |
| https://bugzilla.suse.com/1174003 | self |
| https://bugzilla.suse.com/1174098 | self |
| https://bugzilla.suse.com/1175599 | self |
| https://bugzilla.suse.com/1175621 | self |
| https://bugzilla.suse.com/1175718 | self |
| https://bugzilla.suse.com/1175807 | self |
| https://bugzilla.suse.com/1176019 | self |
| https://bugzilla.suse.com/1176381 | self |
| https://bugzilla.suse.com/1176400 | self |
| https://bugzilla.suse.com/1176588 | self |
| https://bugzilla.suse.com/1176907 | self |
| https://bugzilla.suse.com/1176979 | self |
| https://bugzilla.suse.com/1177090 | self |
| https://bugzilla.suse.com/1177109 | self |
| https://bugzilla.suse.com/1177121 | self |
| https://bugzilla.suse.com/1177193 | self |
| https://bugzilla.suse.com/1177194 | self |
| https://bugzilla.suse.com/1177206 | self |
| https://bugzilla.suse.com/1177258 | self |
| https://bugzilla.suse.com/1177271 | self |
| https://bugzilla.suse.com/1177283 | self |
| https://bugzilla.suse.com/1177284 | self |
| https://bugzilla.suse.com/1177285 | self |
| https://bugzilla.suse.com/1177286 | self |
| https://bugzilla.suse.com/1177297 | self |
| https://bugzilla.suse.com/1177384 | self |
| https://bugzilla.suse.com/1177511 | self |
| https://bugzilla.suse.com/1177617 | self |
| https://bugzilla.suse.com/1177681 | self |
| https://bugzilla.suse.com/1177683 | self |
| https://bugzilla.suse.com/1177687 | self |
| https://bugzilla.suse.com/1177694 | self |
| https://bugzilla.suse.com/1177697 | self |
| https://bugzilla.suse.com/1177719 | self |
| https://bugzilla.suse.com/1177724 | self |
| https://bugzilla.suse.com/1177725 | self |
| https://bugzilla.suse.com/1177726 | self |
| https://bugzilla.suse.com/802154 | self |
| https://bugzilla.suse.com/954532 | self |
| https://www.suse.com/security/cve/CVE-2020-12351/ | self |
| https://www.suse.com/security/cve/CVE-2020-12352/ | self |
| https://www.suse.com/security/cve/CVE-2020-24490/ | self |
| https://www.suse.com/security/cve/CVE-2020-25212/ | self |
| https://www.suse.com/security/cve/CVE-2020-25641/ | self |
| https://www.suse.com/security/cve/CVE-2020-25643/ | self |
| https://www.suse.com/security/cve/CVE-2020-25645/ | self |
| https://www.suse.com/security/cve/CVE-2020-12351 | external |
| https://bugzilla.suse.com/1177724 | external |
| https://bugzilla.suse.com/1177729 | external |
| https://bugzilla.suse.com/1178397 | external |
| https://www.suse.com/security/cve/CVE-2020-12352 | external |
| https://bugzilla.suse.com/1177725 | external |
| https://bugzilla.suse.com/1178398 | external |
| https://www.suse.com/security/cve/CVE-2020-24490 | external |
| https://bugzilla.suse.com/1177726 | external |
| https://bugzilla.suse.com/1177727 | external |
| https://www.suse.com/security/cve/CVE-2020-25212 | external |
| https://bugzilla.suse.com/1176381 | external |
| https://bugzilla.suse.com/1176382 | external |
| https://bugzilla.suse.com/1177027 | external |
| https://www.suse.com/security/cve/CVE-2020-25641 | external |
| https://bugzilla.suse.com/1177121 | external |
| https://www.suse.com/security/cve/CVE-2020-25643 | external |
| https://bugzilla.suse.com/1177206 | external |
| https://bugzilla.suse.com/1177226 | external |
| https://www.suse.com/security/cve/CVE-2020-25645 | external |
| https://bugzilla.suse.com/1177511 | external |
| https://bugzilla.suse.com/1177513 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2020-12351: Fixed a type confusion while processing AMP packets aka \u0027BleedingTooth\u0027 aka \u0027BadKarma\u0027 (bsc#1177724).\n- CVE-2020-24490: Fixed a heap buffer overflow when processing extended advertising report events aka \u0027BleedingTooth\u0027 aka \u0027BadVibes\u0027 (bsc#1177726).\n- CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka \u0027BleedingTooth\u0027 aka \u0027BadChoice\u0027 (bsc#1177725).\n- CVE-2020-25212: A TOCTOU mismatch in the NFS client code in the Linux kernel could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452 (bnc#1176381).\n- CVE-2020-25645: Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality (bnc#1177511).\n- CVE-2020-25643: Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability (bnc#1177206).\n- CVE-2020-25641: A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allowed a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability (bnc#1177121).\n\nThe following non-security bugs were fixed:\n\n- 9p: Fix memory leak in v9fs_mount (git-fixes).\n- ACPI: EC: Reference count query handlers under lock (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 (git-fixes).\n- ASoC: img-i2s-out: Fix runtime PM imbalance on error (git-fixes).\n- ASoC: kirkwood: fix IRQ error handling (git-fixes).\n- ASoC: wm8994: Ensure the device is resumed in wm89xx_mic_detect functions (git-fixes).\n- ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for WM1811 (git-fixes).\n- Bluetooth: Fix refcount use-after-free issue (git-fixes).\n- Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes).\n- Bluetooth: L2CAP: handle l2cap config request during open state (git-fixes).\n- Bluetooth: guard against controllers sending zero\u0027d events (git-fixes).\n- Bluetooth: prefetch channel before killing sock (git-fixes).\n- Btrfs: fix crash during unmount due to race with delayed inode workers (bsc#1176019).\n- Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 (bsc#954532).\n- Input: trackpoint - enable Synaptics trackpoints (git-fixes).\n- Move upstreamed intel-vbtn patch into sorted section\n- NFS: Do not move layouts to plh_return_segs list while in use (git-fixes).\n- NFS: Do not return layout segments that are in use (git-fixes).\n- NFS: Fix flexfiles read failover (git-fixes).\n- NFSv4.2: fix client\u0027s attribute cache management for copy_file_range (git-fixes).\n- PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979).\n- PCI: Avoid double hpmemsize MMIO window assignment (git-fixes).\n- PCI: tegra194: Fix runtime PM imbalance on error (git-fixes).\n- PCI: tegra: Fix runtime PM imbalance on error (git-fixes).\n- Platform: OLPC: Fix memleak in olpc_ec_probe (git-fixes).\n- RDMA/hfi1: Correct an interlock issue for TID RDMA WRITE request (bsc#1175621).\n- Refresh patches.suse/fnic-to-not-call-scsi_done-for-unhandled-commands.patch (bsc#1168468, bsc#1171675).\n- SUNRPC: Revert 241b1f419f0e (\u0027SUNRPC: Remove xdr_buf_trim()\u0027) (git-fixes).\n- USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() (git-fixes).\n- USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int (git-fixes).\n- USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes).\n- Update patches.suse/target-add-rbd-backend.patch: (). (simplify block to byte calculations and use consistent error paths)\n- Update config files. Enable ACPI_PCI_SLOT and HOTPLUG_PCI_ACPI (bsc#1177194).\n- airo: Fix read overflows sending packets (git-fixes).\n- ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes).\n- arm64: Enable PCI write-combine resources under sysfs (bsc#1175807).\n- ata: ahci: mvebu: Make SATA PHY optional for Armada 3720 (git-fixes).\n- ath10k: fix array out-of-bounds access (git-fixes).\n- ath10k: fix memory leak for tpc_stats_final (git-fixes).\n- ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read (git-fixes).\n- brcmfmac: Fix double freeing in the fmac usb data path (git-fixes).\n- btrfs: block-group: do not set the wrong READA flag for btrfs_read_block_groups() (bsc#1176019).\n- btrfs: block-group: fix free-space bitmap threshold (bsc#1176019).\n- btrfs: block-group: refactor how we delete one block group item (bsc#1176019).\n- btrfs: block-group: refactor how we insert a block group item (bsc#1176019).\n- btrfs: block-group: refactor how we read one block group item (bsc#1176019).\n- btrfs: block-group: rename write_one_cache_group() (bsc#1176019).\n- btrfs: check the right error variable in btrfs_del_dir_entries_in_log (bsc#1177687).\n- btrfs: do not set the full sync flag on the inode during page release (bsc#1177687).\n- btrfs: do not take an extra root ref at allocation time (bsc#1176019).\n- btrfs: drop logs when we\u0027ve aborted a transaction (bsc#1176019).\n- btrfs: fix a race between scrub and block group removal/allocation (bsc#1176019).\n- btrfs: fix race between page release and a fast fsync (bsc#1177687).\n- btrfs: free block groups after free\u0027ing fs trees (bsc#1176019).\n- btrfs: hold a ref on the root on the dead roots list (bsc#1176019).\n- btrfs: kill the subvol_srcu (bsc#1176019).\n- btrfs: make btrfs_cleanup_fs_roots use the radix tree lock (bsc#1176019).\n- btrfs: make inodes hold a ref on their roots (bsc#1176019).\n- btrfs: make the extent buffer leak check per fs info (bsc#1176019).\n- btrfs: move ino_cache_inode dropping out of btrfs_free_fs_root (bsc#1176019).\n- btrfs: move the block group freeze/unfreeze helpers into block-group.c (bsc#1176019).\n- btrfs: move the root freeing stuff into btrfs_put_root (bsc#1176019).\n- btrfs: only commit delayed items at fsync if we are logging a directory (bsc#1177687).\n- btrfs: only commit the delayed inode when doing a full fsync (bsc#1177687).\n- btrfs: reduce contention on log trees when logging checksums (bsc#1177687).\n- btrfs: release old extent maps during page release (bsc#1177687).\n- btrfs: remove no longer necessary chunk mutex locking cases (bsc#1176019).\n- btrfs: remove no longer needed use of log_writers for the log root tree (bsc#1177687).\n- btrfs: rename member \u0027trimming\u0027 of block group to a more generic name (bsc#1176019).\n- btrfs: scrub, only lookup for csums if we are dealing with a data extent (bsc#1176019).\n- btrfs: stop incremening log_batch for the log root tree when syncing log (bsc#1177687).\n- bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal (git-fixes).\n- clk/ti/adpll: allocate room for terminating null (git-fixes).\n- clk: samsung: exynos4: mark \u0027chipid\u0027 clock as CLK_IGNORE_UNUSED (git-fixes).\n- clk: socfpga: stratix10: fix the divider for the emac_ptp_free_clk (git-fixes).\n- clk: tegra: Always program PLL_E when enabled (git-fixes).\n- clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() (git-fixes).\n- clocksource/drivers/timer-gx6605s: Fixup counter reload (git-fixes).\n- cpuidle: Poll for a minimum of 30ns and poll for a tick if lower c-states are disabled (bnc#1176588).\n- create Storage / NVMe subsection\n- crypto: algif_aead - Do not set MAY_BACKLOG on the async path (git-fixes).\n- crypto: algif_skcipher - EBUSY on aio should be an error (git-fixes).\n- crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes).\n- crypto: dh - SP800-56A rev 3 local public key validation (bsc#1175718).\n- crypto: dh - check validity of Z before export (bsc#1175718).\n- crypto: ecc - SP800-56A rev 3 local public key validation (bsc#1175718).\n- crypto: ecdh - check validity of Z before export (bsc#1175718).\n- crypto: ixp4xx - Fix the size used in a \u0027dma_free_coherent()\u0027 call (git-fixes).\n- crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc() (git-fixes).\n- crypto: omap-sham - fix digcnt register handling with export/import (git-fixes).\n- crypto: picoxcell - Fix potential race condition bug (git-fixes).\n- crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA (git-fixes).\n- cypto: mediatek - fix leaks in mtk_desc_ring_alloc (git-fixes).\n- dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) (git-fixes).\n- dmaengine: mediatek: hsdma_probe: fixed a memory leak when devm_request_irq fails (git-fixes).\n- dmaengine: stm32-dma: use vchan_terminate_vdesc() in .terminate_all (git-fixes).\n- dmaengine: stm32-mdma: use vchan_terminate_vdesc() in .terminate_all (git-fixes).\n- dmaengine: tegra-apb: Prevent race conditions on channel\u0027s freeing (git-fixes).\n- dmaengine: zynqmp_dma: fix burst length configuration (git-fixes).\n- drivers: char: tlclk.c: Avoid data race between init and interrupt handler (git-fixes).\n- drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config (git-fixes).\n- drm/radeon: revert \u0027Prefer lower feedback dividers\u0027 (bsc#1177384).\n- drop Storage / bsc#1171688 subsection No effect on expanded tree.\n- e1000: Do not perform reset in reset_task if we are already down (git-fixes).\n- ftrace: Move RCU is watching check after recursion check (git-fixes).\n- fuse: do not ignore errors from fuse_writepages_fill() (bsc#1177193).\n- gpio: mockup: fix resource leak in error path (git-fixes).\n- gpio: rcar: Fix runtime PM imbalance on error (git-fixes).\n- gpio: siox: explicitly support only threaded irqs (git-fixes).\n- gpio: sprd: Clear interrupt when setting the type as edge (git-fixes).\n- gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes).\n- hwmon: (applesmc) check status earlier (git-fixes).\n- hwmon: (mlxreg-fan) Fix double \u0027Mellanox\u0027 (git-fixes).\n- hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61} (git-fixes).\n- i2c: aspeed: Mask IRQ status to relevant bits (git-fixes).\n- i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() (git-fixes).\n- i2c: cpm: Fix i2c_ram structure (git-fixes).\n- i2c: i801: Exclude device from suspend direct complete optimization (git-fixes).\n- i2c: meson: fix clock setting overwrite (git-fixes).\n- i2c: meson: fixup rate calculation with filter delay (git-fixes).\n- i2c: owl: Clear NACK and BUS error bits (git-fixes).\n- i2c: tegra: Prevent interrupt triggering after transfer timeout (git-fixes).\n- i2c: tegra: Restore pinmux on system resume (git-fixes).\n- ieee802154/adf7242: check status of adf7242_read_reg (git-fixes).\n- ieee802154: fix one possible memleak in ca8210_dev_com_init (git-fixes).\n- iio: adc: qcom-spmi-adc5: fix driver name (git-fixes).\n- ima: extend boot_aggregate with kernel measurements (bsc#1177617).\n- iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#1177297).\n- iommu/amd: Fix potential @entry null deref (bsc#1177283).\n- iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177284).\n- iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (bsc#1177285).\n- iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate() (bsc#1177286).\n- iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400).\n- kABI: Fix kABI for 12856e7acde4 PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979).\n- kabi fix for NFS: Fix flexfiles read failover (git-fixes).\n- kabi/severities: ignore kABI for target_core_rbd Match behaviour for all other Ceph specific modules.\n- kernel-binary.spec.in: Exclude .config.old from kernel-devel - use tar excludes for .kernel-binary.spec.buildenv\n- kernel-binary.spec.in: Package the obj_install_dir as explicit filelist.\n- leds: mlxreg: Fix possible buffer overflow (git-fixes).\n- lib/mpi: Add mpi_sub_ui() (bsc#1175718).\n- libceph-add-support-for-CMPEXT-compare-extent-reques.patch: (bsc#1177090).\n- locking/rwsem: Disable reader optimistic spinning (bnc#1176588).\n- mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes).\n- mac80211: skip mpath lookup also for control port tx (git-fixes).\n- mac802154: tx: fix use-after-free (git-fixes).\n- macsec: avoid use-after-free in macsec_handle_frame() (git-fixes).\n- media: Revert \u0027media: exynos4-is: Add missed check for pinctrl_lookup_state()\u0027 (git-fixes).\n- media: camss: Fix a reference count leak (git-fixes).\n- media: m5mols: Check function pointer in m5mols_sensor_power (git-fixes).\n- media: mc-device.c: fix memleak in media_device_register_entity (git-fixes).\n- media: mx2_emmaprp: Fix memleak in emmaprp_probe (git-fixes).\n- media: omap3isp: Fix memleak in isp_probe (git-fixes).\n- media: ov5640: Correct Bit Div register in clock tree diagram (git-fixes).\n- media: platform: fcp: Fix a reference count leak (git-fixes).\n- media: rc: do not access device via sysfs after rc_unregister_device() (git-fixes).\n- media: rc: uevent sysfs file races with rc_unregister_device() (git-fixes).\n- media: rcar-csi2: Allocate v4l2_async_subdev dynamically (git-fixes).\n- media: rcar-vin: Fix a reference count leak (git-fixes).\n- media: rockchip/rga: Fix a reference count leak (git-fixes).\n- media: s5p-mfc: Fix a reference count leak (git-fixes).\n- media: smiapp: Fix error handling at NVM reading (git-fixes).\n- media: staging/intel-ipu3: css: Correctly reset some memory (git-fixes).\n- media: stm32-dcmi: Fix a reference count leak (git-fixes).\n- media: tc358743: cleanup tc358743_cec_isr (git-fixes).\n- media: tc358743: initialize variable (git-fixes).\n- media: ti-vpe: Fix a missing check and reference count leak (git-fixes).\n- media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes).\n- media: tuner-simple: fix regression in simple_set_radio_freq (git-fixes).\n- media: usbtv: Fix refcounting mixup (git-fixes).\n- media: uvcvideo: Set media controller entity functions (git-fixes).\n- media: uvcvideo: Silence shift-out-of-bounds warning (git-fixes).\n- media: v4l2-async: Document asd allocation requirements (git-fixes).\n- mfd: mfd-core: Protect against NULL call-back function pointer (git-fixes).\n- mm, compaction: fully assume capture is not NULL in compact_zone_order() (git fixes (mm/compaction), bsc#1177681).\n- mm, compaction: make capture control handling safe wrt interrupts (git fixes (mm/compaction), bsc#1177681).\n- mm, slab/slub: move and improve cache_from_obj() (mm/slub bsc#1165692).\n- mm, slab/slub: improve error reporting and overhead of cache_from_obj() (mm/slub bsc#1165692).\n- mm, slub: extend checks guarded by slub_debug static key (mm/slub bsc#1165692).\n- mm, slub: extend slub_debug syntax for multiple blocks (mm/slub bsc#1165692).\n- mm, slub: introduce kmem_cache_debug_flags() (mm/slub bsc#1165692).\n- mm, slub: introduce static key for slub_debug() (mm/slub bsc#1165692).\n- mm, slub: make reclaim_account attribute read-only (mm/slub bsc#1165692).\n- mm, slub: make remaining slub_debug related attributes read-only (mm/slub bsc#1165692).\n- mm, slub: make some slub_debug related attributes read-only (mm/slub bsc#1165692).\n- mm, slub: remove runtime allocation order changes (mm/slub bsc#1165692).\n- mm, slub: restore initial kmem_cache flags (mm/slub bsc#1165692).\n- mm/debug.c: always print flags in dump_page() (git fixes (mm/debug)).\n- mm/memcontrol.c: lost css_put in memcg_expand_shrinker_maps() (bsc#1177694).\n- mm/migrate.c: also overwrite error when it is bigger than zero (git fixes (mm/move_pages), bsc#1177683).\n- mm/pagealloc.c: call touch_nmi_watchdog() on max order boundaries in deferred init (git fixes (mm/init), bsc#1177697).\n- mm: call cond_resched() from deferred_init_memmap() (git fixes (mm/init), bsc#1177697).\n- mm: initialize deferred pages with interrupts enabled (git fixes (mm/init), bsc#1177697).\n- mm: move_pages: report the number of non-attempted pages (git fixes (mm/move_pages), bsc#1177683).\n- mm: move_pages: return valid node id in status if the page is already on the target node (git fixes (mm/move_pages), bsc#1177683).\n- mmc: core: Rework wp-gpio handling (git-fixes).\n- mmc: core: do not set limits.discard_granularity as 0 (git-fixes).\n- mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN (git-fixes).\n- mmc: sdhci: Add LTR support for some Intel BYT based controllers (git-fixes).\n- mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models (git-fixes).\n- mt76: add missing locking around ampdu action (git-fixes).\n- mt76: clear skb pointers from rx aggregation reorder buffer during cleanup (git-fixes).\n- mt76: do not use devm API for led classdev (git-fixes).\n- mt76: fix LED link time failure (git-fixes).\n- mt76: fix handling full tx queues in mt76_dma_tx_queue_skb_raw (git-fixes).\n- mtd: cfi_cmdset_0002: do not free cfi-\u003ecfiq in error path of cfi_amdstd_setup() (git-fixes).\n- mtd: rawnand: gpmi: Fix runtime PM imbalance on error (git-fixes).\n- mtd: rawnand: omap_elm: Fix runtime PM imbalance on error (git-fixes).\n- net: phy: realtek: fix rtl8211e rx/tx delay config (git-fixes).\n- nfs: Fix security label length not being reset (bsc#1176381).\n- nfs: ensure correct writeback errors are returned on close() (git-fixes).\n- nfs: nfs_file_write() should check for writeback errors (git-fixes).\n- nfsd4: fix NULL dereference in nfsd/clients display code (git-fixes).\n- nvme-multipath: retry commands for dying queues (bsc#1171688).\n- pNFS/flexfiles: Ensure we initialise the mirror bsizes correctly on read (git-fixes).\n- phy: ti: am654: Fix a leak in serdes_am654_probe() (git-fixes).\n- pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB (git-fixes).\n- pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes).\n- platform/x86: fix kconfig dependency warning for FUJITSU_LAPTOP (git-fixes).\n- platform/x86: fix kconfig dependency warning for LG_LAPTOP (git-fixes).\n- platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE reporting (bsc#1175599).\n- platform/x86: intel_pmc_core: do not create a static struct device (git-fixes).\n- platform/x86: thinkpad_acpi: initialize tp_nvram_state variable (git-fixes).\n- platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse (git-fixes).\n- power: supply: max17040: Correct voltage reading (git-fixes).\n- powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729).\n- qla2xxx: Return EBUSY on fcport deletion (bsc#1171688).\n- r8169: fix data corruption issue on RTL8402 (bsc#1174098).\n- rbd-add-rbd_img_fill_cmp_and_write_from_bvecs.patch: (bsc#1177090).\n- rbd-add-support-for-COMPARE_AND_WRITE-CMPEXT.patch: (bsc#1177090).\n- regulator: axp20x: fix LDO2/4 description (git-fixes).\n- regulator: resolve supply after creating regulator (git-fixes).\n- rename Other drivers / Intel IOMMU subsection to IOMMU\n- rtc: ds1374: fix possible race condition (git-fixes).\n- rtc: sa1100: fix possible race condition (git-fixes).\n- s390/pci: Mark all VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979).\n- sched/fair: Ignore cache hotness for SMT migration (bnc#1155798 (CPU scheduler functional and performance backports)).\n- sched/fair: Use dst group while checking imbalance for NUMA balancer (bnc#1155798 (CPU scheduler functional and performance backports)).\n- sched/numa: Avoid creating large imbalances at task creation time (bnc#1176588).\n- sched/numa: Check numa balancing information only when enabled (bnc#1176588).\n- sched/numa: Use runnable_avg to classify node (bnc#1155798 (CPU scheduler functional and performance backports)).\n- scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling getpeername() (bsc#1177258).\n- scsi: qla2xxx: Add IOCB resource tracking (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Add SLER and PI control support (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Add rport fields in debugfs (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix MPI reset needed message (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix memory size truncation (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix reset of MPI firmware (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Performance tweak (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Remove unneeded variable \u0027rval\u0027 (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1171688 bsc#1174003).\n- serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout (git-fixes).\n- serial: 8250_omap: Fix sleeping function called from invalid context during probe (git-fixes).\n- serial: 8250_port: Do not service RX FIFO if throttled (git-fixes).\n- serial: uartps: Wait for tx_empty in console setup (git-fixes).\n- spi: dw-pci: free previously allocated IRQs if desc-\u003esetup() fails (git-fixes).\n- spi: fsl-espi: Only process interrupts for expected events (git-fixes).\n- spi: omap2-mcspi: Improve performance waiting for CHSTAT (git-fixes).\n- spi: sprd: Release DMA channel also on probe deferral (git-fixes).\n- spi: stm32: Rate-limit the \u0027Communication suspended\u0027 message (git-fixes).\n- staging:r8188eu: avoid skb_clone for amsdu to msdu conversion (git-fixes).\n- svcrdma: Fix page leak in svc_rdma_recv_read_chunk() (git-fixes).\n- target-compare-and-write-backend-driver-sense-handli.patch: (bsc#1177719).\n- target-rbd-add-WRITE-SAME-support.patch: (bsc#1177090).\n- target-rbd-add-emulate_legacy_capacity-dev-attribute.patch: (bsc#1177109).\n- target-rbd-conditionally-fix-off-by-one-bug-in-get_b.patch: (bsc#1177109).\n- target-rbd-detect-stripe_unit-SCSI-block-size-misali.patch: (bsc#1177090).\n- target-rbd-fix-unmap-discard-block-size-conversion.patch: (bsc#1177271).\n- target-rbd-fix-unmap-handling-with-unmap_zeroes_data.patch: (bsc#1177271).\n- target-rbd-support-COMPARE_AND_WRITE.patch: (bsc#1177090).\n- thermal: rcar_thermal: Handle probe error gracefully (git-fixes).\n- usb: dwc3: Increase timeout for CmdAct cleared by device controller (git-fixes).\n- vfio/pci: Decouple PCI_COMMAND_MEMORY bit checks from is_virtfn (bsc#1176979).\n- virtio-net: do not disable guest csum when disable LRO (git-fixes).\n- vmxnet3: fix cksum offload issues for non-udp tunnels (git-fixes).\n- wlcore: fix runtime pm imbalance in wl1271_tx_work (git-fixes).\n- wlcore: fix runtime pm imbalance in wlcore_regdomain_config (git-fixes).\n- x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels (bsc#1176907).\n- xen/events: do not use chip_data for legacy IRQs (bsc#1065600).\n- xprtrdma: fix incorrect header size calculations (git-fixes).\n- yam: fix possible memory leak in yam_init_driver (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-1698",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1698-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:1698-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ODIY42JEXH7RGWFLZMCA4RHYSA2XEWTJ/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:1698-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ODIY42JEXH7RGWFLZMCA4RHYSA2XEWTJ/"
},
{
"category": "self",
"summary": "SUSE Bug 1065600",
"url": "https://bugzilla.suse.com/1065600"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1155798",
"url": "https://bugzilla.suse.com/1155798"
},
{
"category": "self",
"summary": "SUSE Bug 1165692",
"url": "https://bugzilla.suse.com/1165692"
},
{
"category": "self",
"summary": "SUSE Bug 1168468",
"url": "https://bugzilla.suse.com/1168468"
},
{
"category": "self",
"summary": "SUSE Bug 1171675",
"url": "https://bugzilla.suse.com/1171675"
},
{
"category": "self",
"summary": "SUSE Bug 1171688",
"url": "https://bugzilla.suse.com/1171688"
},
{
"category": "self",
"summary": "SUSE Bug 1174003",
"url": "https://bugzilla.suse.com/1174003"
},
{
"category": "self",
"summary": "SUSE Bug 1174098",
"url": "https://bugzilla.suse.com/1174098"
},
{
"category": "self",
"summary": "SUSE Bug 1175599",
"url": "https://bugzilla.suse.com/1175599"
},
{
"category": "self",
"summary": "SUSE Bug 1175621",
"url": "https://bugzilla.suse.com/1175621"
},
{
"category": "self",
"summary": "SUSE Bug 1175718",
"url": "https://bugzilla.suse.com/1175718"
},
{
"category": "self",
"summary": "SUSE Bug 1175807",
"url": "https://bugzilla.suse.com/1175807"
},
{
"category": "self",
"summary": "SUSE Bug 1176019",
"url": "https://bugzilla.suse.com/1176019"
},
{
"category": "self",
"summary": "SUSE Bug 1176381",
"url": "https://bugzilla.suse.com/1176381"
},
{
"category": "self",
"summary": "SUSE Bug 1176400",
"url": "https://bugzilla.suse.com/1176400"
},
{
"category": "self",
"summary": "SUSE Bug 1176588",
"url": "https://bugzilla.suse.com/1176588"
},
{
"category": "self",
"summary": "SUSE Bug 1176907",
"url": "https://bugzilla.suse.com/1176907"
},
{
"category": "self",
"summary": "SUSE Bug 1176979",
"url": "https://bugzilla.suse.com/1176979"
},
{
"category": "self",
"summary": "SUSE Bug 1177090",
"url": "https://bugzilla.suse.com/1177090"
},
{
"category": "self",
"summary": "SUSE Bug 1177109",
"url": "https://bugzilla.suse.com/1177109"
},
{
"category": "self",
"summary": "SUSE Bug 1177121",
"url": "https://bugzilla.suse.com/1177121"
},
{
"category": "self",
"summary": "SUSE Bug 1177193",
"url": "https://bugzilla.suse.com/1177193"
},
{
"category": "self",
"summary": "SUSE Bug 1177194",
"url": "https://bugzilla.suse.com/1177194"
},
{
"category": "self",
"summary": "SUSE Bug 1177206",
"url": "https://bugzilla.suse.com/1177206"
},
{
"category": "self",
"summary": "SUSE Bug 1177258",
"url": "https://bugzilla.suse.com/1177258"
},
{
"category": "self",
"summary": "SUSE Bug 1177271",
"url": "https://bugzilla.suse.com/1177271"
},
{
"category": "self",
"summary": "SUSE Bug 1177283",
"url": "https://bugzilla.suse.com/1177283"
},
{
"category": "self",
"summary": "SUSE Bug 1177284",
"url": "https://bugzilla.suse.com/1177284"
},
{
"category": "self",
"summary": "SUSE Bug 1177285",
"url": "https://bugzilla.suse.com/1177285"
},
{
"category": "self",
"summary": "SUSE Bug 1177286",
"url": "https://bugzilla.suse.com/1177286"
},
{
"category": "self",
"summary": "SUSE Bug 1177297",
"url": "https://bugzilla.suse.com/1177297"
},
{
"category": "self",
"summary": "SUSE Bug 1177384",
"url": "https://bugzilla.suse.com/1177384"
},
{
"category": "self",
"summary": "SUSE Bug 1177511",
"url": "https://bugzilla.suse.com/1177511"
},
{
"category": "self",
"summary": "SUSE Bug 1177617",
"url": "https://bugzilla.suse.com/1177617"
},
{
"category": "self",
"summary": "SUSE Bug 1177681",
"url": "https://bugzilla.suse.com/1177681"
},
{
"category": "self",
"summary": "SUSE Bug 1177683",
"url": "https://bugzilla.suse.com/1177683"
},
{
"category": "self",
"summary": "SUSE Bug 1177687",
"url": "https://bugzilla.suse.com/1177687"
},
{
"category": "self",
"summary": "SUSE Bug 1177694",
"url": "https://bugzilla.suse.com/1177694"
},
{
"category": "self",
"summary": "SUSE Bug 1177697",
"url": "https://bugzilla.suse.com/1177697"
},
{
"category": "self",
"summary": "SUSE Bug 1177719",
"url": "https://bugzilla.suse.com/1177719"
},
{
"category": "self",
"summary": "SUSE Bug 1177724",
"url": "https://bugzilla.suse.com/1177724"
},
{
"category": "self",
"summary": "SUSE Bug 1177725",
"url": "https://bugzilla.suse.com/1177725"
},
{
"category": "self",
"summary": "SUSE Bug 1177726",
"url": "https://bugzilla.suse.com/1177726"
},
{
"category": "self",
"summary": "SUSE Bug 802154",
"url": "https://bugzilla.suse.com/802154"
},
{
"category": "self",
"summary": "SUSE Bug 954532",
"url": "https://bugzilla.suse.com/954532"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12351 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12352 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24490 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25212 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25641 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25643 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25645 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25645/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2020-10-19T16:23:34Z",
"generator": {
"date": "2020-10-19T16:23:34Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:1698-1",
"initial_release_date": "2020-10-19T16:23:34Z",
"revision_history": [
{
"date": "2020-10-19T16:23:34Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-5.3.18-lp152.47.2.noarch",
"product": {
"name": "kernel-devel-5.3.18-lp152.47.2.noarch",
"product_id": "kernel-devel-5.3.18-lp152.47.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-5.3.18-lp152.47.1.noarch",
"product": {
"name": "kernel-docs-5.3.18-lp152.47.1.noarch",
"product_id": "kernel-docs-5.3.18-lp152.47.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-5.3.18-lp152.47.1.noarch",
"product": {
"name": "kernel-docs-html-5.3.18-lp152.47.1.noarch",
"product_id": "kernel-docs-html-5.3.18-lp152.47.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-5.3.18-lp152.47.2.noarch",
"product": {
"name": "kernel-macros-5.3.18-lp152.47.2.noarch",
"product_id": "kernel-macros-5.3.18-lp152.47.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-5.3.18-lp152.47.2.noarch",
"product": {
"name": "kernel-source-5.3.18-lp152.47.2.noarch",
"product_id": "kernel-source-5.3.18-lp152.47.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"product": {
"name": "kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"product_id": "kernel-source-vanilla-5.3.18-lp152.47.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-5.3.18-lp152.47.2.x86_64",
"product": {
"name": "kernel-debug-5.3.18-lp152.47.2.x86_64",
"product_id": "kernel-debug-5.3.18-lp152.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"product": {
"name": "kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"product_id": "kernel-debug-devel-5.3.18-lp152.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-lp152.47.2.x86_64",
"product": {
"name": "kernel-default-5.3.18-lp152.47.2.x86_64",
"product_id": "kernel-default-5.3.18-lp152.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"product": {
"name": "kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"product_id": "kernel-default-devel-5.3.18-lp152.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"product": {
"name": "kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"product_id": "kernel-kvmsmall-5.3.18-lp152.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"product_id": "kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"product": {
"name": "kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"product_id": "kernel-obs-build-5.3.18-lp152.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"product": {
"name": "kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"product_id": "kernel-obs-qa-5.3.18-lp152.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-5.3.18-lp152.47.2.x86_64",
"product": {
"name": "kernel-preempt-5.3.18-lp152.47.2.x86_64",
"product_id": "kernel-preempt-5.3.18-lp152.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"product": {
"name": "kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"product_id": "kernel-preempt-devel-5.3.18-lp152.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-lp152.47.1.x86_64",
"product": {
"name": "kernel-syms-5.3.18-lp152.47.1.x86_64",
"product_id": "kernel-syms-5.3.18-lp152.47.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-5.3.18-lp152.47.2.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64"
},
"product_reference": "kernel-debug-5.3.18-lp152.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-5.3.18-lp152.47.2.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64"
},
"product_reference": "kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-lp152.47.2.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64"
},
"product_reference": "kernel-default-5.3.18-lp152.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-lp152.47.2.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64"
},
"product_reference": "kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-5.3.18-lp152.47.2.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch"
},
"product_reference": "kernel-devel-5.3.18-lp152.47.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-5.3.18-lp152.47.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch"
},
"product_reference": "kernel-docs-5.3.18-lp152.47.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-5.3.18-lp152.47.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch"
},
"product_reference": "kernel-docs-html-5.3.18-lp152.47.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-5.3.18-lp152.47.2.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64"
},
"product_reference": "kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-5.3.18-lp152.47.2.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch"
},
"product_reference": "kernel-macros-5.3.18-lp152.47.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-lp152.47.2.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64"
},
"product_reference": "kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-5.3.18-lp152.47.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64"
},
"product_reference": "kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-lp152.47.2.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64"
},
"product_reference": "kernel-preempt-5.3.18-lp152.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-lp152.47.2.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64"
},
"product_reference": "kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-5.3.18-lp152.47.2.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch"
},
"product_reference": "kernel-source-5.3.18-lp152.47.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-5.3.18-lp152.47.2.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch"
},
"product_reference": "kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-lp152.47.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
},
"product_reference": "kernel-syms-5.3.18-lp152.47.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-12351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12351"
}
],
"notes": [
{
"category": "general",
"text": "Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12351",
"url": "https://www.suse.com/security/cve/CVE-2020-12351"
},
{
"category": "external",
"summary": "SUSE Bug 1177724 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1177724"
},
{
"category": "external",
"summary": "SUSE Bug 1177729 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1177729"
},
{
"category": "external",
"summary": "SUSE Bug 1178397 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1178397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T16:23:34Z",
"details": "important"
}
],
"title": "CVE-2020-12351"
},
{
"cve": "CVE-2020-12352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12352"
}
],
"notes": [
{
"category": "general",
"text": "Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12352",
"url": "https://www.suse.com/security/cve/CVE-2020-12352"
},
{
"category": "external",
"summary": "SUSE Bug 1177725 for CVE-2020-12352",
"url": "https://bugzilla.suse.com/1177725"
},
{
"category": "external",
"summary": "SUSE Bug 1178398 for CVE-2020-12352",
"url": "https://bugzilla.suse.com/1178398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T16:23:34Z",
"details": "moderate"
}
],
"title": "CVE-2020-12352"
},
{
"cve": "CVE-2020-24490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24490"
}
],
"notes": [
{
"category": "general",
"text": "Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24490",
"url": "https://www.suse.com/security/cve/CVE-2020-24490"
},
{
"category": "external",
"summary": "SUSE Bug 1177726 for CVE-2020-24490",
"url": "https://bugzilla.suse.com/1177726"
},
{
"category": "external",
"summary": "SUSE Bug 1177727 for CVE-2020-24490",
"url": "https://bugzilla.suse.com/1177727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T16:23:34Z",
"details": "important"
}
],
"title": "CVE-2020-24490"
},
{
"cve": "CVE-2020-25212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25212"
}
],
"notes": [
{
"category": "general",
"text": "A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25212",
"url": "https://www.suse.com/security/cve/CVE-2020-25212"
},
{
"category": "external",
"summary": "SUSE Bug 1176381 for CVE-2020-25212",
"url": "https://bugzilla.suse.com/1176381"
},
{
"category": "external",
"summary": "SUSE Bug 1176382 for CVE-2020-25212",
"url": "https://bugzilla.suse.com/1176382"
},
{
"category": "external",
"summary": "SUSE Bug 1177027 for CVE-2020-25212",
"url": "https://bugzilla.suse.com/1177027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T16:23:34Z",
"details": "important"
}
],
"title": "CVE-2020-25212"
},
{
"cve": "CVE-2020-25641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25641"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25641",
"url": "https://www.suse.com/security/cve/CVE-2020-25641"
},
{
"category": "external",
"summary": "SUSE Bug 1177121 for CVE-2020-25641",
"url": "https://bugzilla.suse.com/1177121"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T16:23:34Z",
"details": "moderate"
}
],
"title": "CVE-2020-25641"
},
{
"cve": "CVE-2020-25643",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25643"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25643",
"url": "https://www.suse.com/security/cve/CVE-2020-25643"
},
{
"category": "external",
"summary": "SUSE Bug 1177206 for CVE-2020-25643",
"url": "https://bugzilla.suse.com/1177206"
},
{
"category": "external",
"summary": "SUSE Bug 1177226 for CVE-2020-25643",
"url": "https://bugzilla.suse.com/1177226"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T16:23:34Z",
"details": "important"
}
],
"title": "CVE-2020-25643"
},
{
"cve": "CVE-2020-25645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25645"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25645",
"url": "https://www.suse.com/security/cve/CVE-2020-25645"
},
{
"category": "external",
"summary": "SUSE Bug 1177511 for CVE-2020-25645",
"url": "https://bugzilla.suse.com/1177511"
},
{
"category": "external",
"summary": "SUSE Bug 1177513 for CVE-2020-25645",
"url": "https://bugzilla.suse.com/1177513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.47.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.47.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.47.2.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.47.2.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T16:23:34Z",
"details": "important"
}
],
"title": "CVE-2020-25645"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…