English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2020.2580.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2020:2580-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2020:2580-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2020:2580-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bugfixes.

The following security bug was fixed:

CVE-2020-14386: Fixed a potential local privilege escalation via memory
corruption (bsc#1176069).

The following non-security bugs were fixed:

bcache: allocate meta data pages as compound pages (bsc#1172873).

block: check queue's limits.discard_granularity in
__blkdev_issue_discard() (bsc#1152148).

block: improve discard bio alignment in __blkdev_issue_discard()
(bsc#1152148).

char: virtio: Select VIRTIO from VIRTIO_CONSOLE (bsc#1175667).

dax: do not print error message for non-persistent memory block device
(bsc#1171073).

dax: print error message by pr_info() in __generic_fsdax_supported()
(bsc#1171073).

device property: Fix the secondary firmware node handling in
set_primary_fwnode() (git-fixes).

dpaa_eth: Fix one possible memleak in dpaa_eth_probe (bsc#1175996).

drm/amd/powerplay: Fix hardmins not being sent to SMU for RV (git-fixes).

drm/msm/a6xx: fix crashdec section name typo (git-fixes).

drm/msm/adreno: fix updating ring fence (git-fixes).

drm/msm/gpu: make ringbuffer readonly (git-fixes).

drm/xen-front: Fix misused IS_ERR_OR_NULL checks (bsc#1065600).

efi: Add support for EFI_RT_PROPERTIES table (bsc#1174029, bsc#1174110,
bsc#1174111).

efi: avoid error message when booting under Xen (bsc#1172419).

efi/efivars: Expose RT service availability via efivars abstraction
(bsc#1174029, bsc#1174110, bsc#1174111).

efi: libstub/tpm: enable tpm eventlog function for ARM platforms
(bsc#1173267).

efi: Mark all EFI runtime services as unsupported on non-EFI boot
(bsc#1174029, bsc#1174110, bsc#1174111).

efi: Register EFI rtc platform device only when available (bsc#1174029,
bsc#1174110, bsc#1174111).

efi: Store mask of supported runtime services in struct efi
(bsc#1174029, bsc#1174110, bsc#1174111).

efi: Use EFI ResetSystem only when available (bsc#1174029, bsc#1174110,
bsc#1174111).

efi: Use more granular check for availability for variable services
(bsc#1174029, bsc#1174110, bsc#1174111).

ext4: handle read only external journal device (bsc#1176063).

felix: Fix initialization of ioremap resources (bsc#1175997).

Fix build error when CONFIG_ACPI is not set/enabled: (bsc#1065600).

infiniband: hfi1: Use EFI GetVariable only when available (bsc#1174029,
bsc#1174110, bsc#1174111).

integrity: Check properly whether EFI GetVariable() is available
(bsc#1174029, bsc#1174110, bsc#1174111).

kabi: Fix kABI after EFI_RT_PROPERTIES table backport (bsc#1174029,
bsc#1174110, bsc#1174111).

kabi/severities: ignore kABI for net/ethernet/mscc/ References:
bsc#1176001,bsc#1175999 Exported symbols from drivers/net/ethernet/mscc/
are only used by drivers/net/dsa/ocelot/

mei: fix CNL itouch device number to match the spec (bsc#1175952).

mei: me: disable mei interface on LBG servers (bsc#1175952).

mei: me: disable ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Module for Public Cloud 15-SP2.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-14386
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14386
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNCPXERMUHPSGF6S2VVFL5NVVPBBFB63/
http://packetstormsecurity.com/files/159565/Kernel-Live-Patch-Security-Notice-LSN-0072-1.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=acf69c946233259ab4d64f8869d4037a198c7f06
https://seclists.org/oss-sec/2020/q3/146
https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html
https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html
https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html
http://www.openwall.com/lists/oss-security/2021/09/17/2
http://www.openwall.com/lists/oss-security/2021/09/17/4
http://www.openwall.com/lists/oss-security/2021/09/21/1
SuSE Security Announcement: openSUSE-SU-2020:1655 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html
CopyrightCopyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.