-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Important: kernel-alt security and bug fix update
Advisory ID:       RHSA-2020:2854-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:2854
Issue date:        2020-07-07
CVE Names:         CVE-2018-16884 CVE-2019-9458 CVE-2019-11811 
                   CVE-2019-15917 CVE-2019-18808 CVE-2019-19062 
                   CVE-2019-19767 CVE-2019-20636 CVE-2020-8834 
                   CVE-2020-10720 CVE-2020-11565 CVE-2020-12888 
====================================================================
1. Summary:

An update for kernel-alt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le, s390x
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, noarch, ppc64le

3. Description:

The kernel-alt packages provide the Linux kernel version 4.x.

Security Fix(es):

* kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)

* Kernel: ppc: kvm: conflicting use of HSTATE_HOST_R1 to store r1 state
leads to host stack corruption (CVE-2020-8834)

* Kernel: vfio: access to disabled MMIO space of some devices may lead to
DoS scenario (CVE-2020-12888)

* kernel: use after free due to race condition in the video driver leads to
local privilege escalation (CVE-2019-9458)

* kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c,
ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811)

* kernel: use-after-free in drivers/bluetooth/hci_ldisc.c (CVE-2019-15917)

* kernel: memory leak in ccp_run_sha_cmd() function in
drivers/crypto/ccp/ccp-ops.c (CVE-2019-18808)

* kernel: use-after-free in __ext4_expand_extra_isize and
ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c
(CVE-2019-19767)

* kernel: an out-of-bounds write via crafted keycode table (CVE-2019-20636)

* kernel: use-after-free read in napi_gro_frags() in the Linux kernel
(CVE-2020-10720)

* kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c
(CVE-2020-11565)

* kernel: A memory leak in the crypto_report() function in
crypto/crypto_user_base.c allows for a DoS (CVE-2019-19062)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* XFS: Metadata corruption detected at xfs_attr3_leaf_read_verify
[rhel-alt-7.6.z] (BZ#1830836)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1660375 - CVE-2018-16884 kernel: nfs: use-after-free in svc_process_common()
1709180 - CVE-2019-11811 kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c
1760100 - CVE-2019-15917 kernel: use-after-free in drivers/bluetooth/hci_ldisc.c
1775021 - CVE-2019-19062 kernel: A memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for a DoS
1777418 - CVE-2019-18808 kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c
1781204 - CVE-2020-10720 kernel: use-after-free read in napi_gro_frags() in the Linux kernel
1786160 - CVE-2019-19767 kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c
1819377 - CVE-2019-9458 kernel: use after free due to race condition in the video driver leads to local privilege escalation
1819615 - CVE-2020-8834 Kernel: ppc: kvm: conflicting use of HSTATE_HOST_R1 to store r1 state leads to host stack corruption
1824059 - CVE-2019-20636 kernel: an out-of-bounds write via crafted keycode table
1824918 - CVE-2020-11565 kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c
1836244 - CVE-2020-12888 Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario

6. Package List:

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):

Source:
kernel-alt-4.14.0-115.26.1.el7a.src.rpm

aarch64:
kernel-4.14.0-115.26.1.el7a.aarch64.rpm
kernel-debug-4.14.0-115.26.1.el7a.aarch64.rpm
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm
kernel-debug-devel-4.14.0-115.26.1.el7a.aarch64.rpm
kernel-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm
kernel-debuginfo-common-aarch64-4.14.0-115.26.1.el7a.aarch64.rpm
kernel-devel-4.14.0-115.26.1.el7a.aarch64.rpm
kernel-headers-4.14.0-115.26.1.el7a.aarch64.rpm
kernel-tools-4.14.0-115.26.1.el7a.aarch64.rpm
kernel-tools-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm
kernel-tools-libs-4.14.0-115.26.1.el7a.aarch64.rpm
perf-4.14.0-115.26.1.el7a.aarch64.rpm
perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm
python-perf-4.14.0-115.26.1.el7a.aarch64.rpm
python-perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm

noarch:
kernel-abi-whitelists-4.14.0-115.26.1.el7a.noarch.rpm
kernel-doc-4.14.0-115.26.1.el7a.noarch.rpm

ppc64le:
kernel-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-bootwrapper-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-debug-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-devel-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-headers-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-tools-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-tools-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-tools-libs-4.14.0-115.26.1.el7a.ppc64le.rpm
perf-4.14.0-115.26.1.el7a.ppc64le.rpm
perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm
python-perf-4.14.0-115.26.1.el7a.ppc64le.rpm
python-perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm

s390x:
kernel-4.14.0-115.26.1.el7a.s390x.rpm
kernel-debug-4.14.0-115.26.1.el7a.s390x.rpm
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm
kernel-debug-devel-4.14.0-115.26.1.el7a.s390x.rpm
kernel-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm
kernel-debuginfo-common-s390x-4.14.0-115.26.1.el7a.s390x.rpm
kernel-devel-4.14.0-115.26.1.el7a.s390x.rpm
kernel-headers-4.14.0-115.26.1.el7a.s390x.rpm
kernel-kdump-4.14.0-115.26.1.el7a.s390x.rpm
kernel-kdump-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm
kernel-kdump-devel-4.14.0-115.26.1.el7a.s390x.rpm
perf-4.14.0-115.26.1.el7a.s390x.rpm
perf-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm
python-perf-4.14.0-115.26.1.el7a.s390x.rpm
python-perf-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):

aarch64:
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm
kernel-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm
kernel-debuginfo-common-aarch64-4.14.0-115.26.1.el7a.aarch64.rpm
kernel-tools-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm
kernel-tools-libs-devel-4.14.0-115.26.1.el7a.aarch64.rpm
perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm
python-perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm

noarch:
kernel-doc-4.14.0-115.26.1.el7a.noarch.rpm

ppc64le:
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-debug-devel-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-tools-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm
kernel-tools-libs-devel-4.14.0-115.26.1.el7a.ppc64le.rpm
perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm
python-perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-16884
https://access.redhat.com/security/cve/CVE-2019-9458
https://access.redhat.com/security/cve/CVE-2019-11811
https://access.redhat.com/security/cve/CVE-2019-15917
https://access.redhat.com/security/cve/CVE-2019-18808
https://access.redhat.com/security/cve/CVE-2019-19062
https://access.redhat.com/security/cve/CVE-2019-19767
https://access.redhat.com/security/cve/CVE-2019-20636
https://access.redhat.com/security/cve/CVE-2020-8834
https://access.redhat.com/security/cve/CVE-2020-10720
https://access.redhat.com/security/cve/CVE-2020-11565
https://access.redhat.com/security/cve/CVE-2020-12888
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXwR2VtzjgjWX9erEAQioXRAAgGE4sBiAIHtKC+PW9SPzn5Casw7FUvkC
uIfknM5Hk5I3ohpa9uH3hy9Br6rLpPrk4fgWCXSpUV3H8TFvUlzF4mR2wxIsS43o
vn0GMsYUeSPWjISTalWtqemwq5TYxVfBMp6lQ27HUHOIhbffiokP6sQhH/qbu4Mm
rsgU1GvDG+KeEKKuUd1btEBsKVIoZ8/sxKzU9r/hUaGFf2+dd3TBoImCsN6aiu9l
5V9NFYt4Joc8AGgO1VUZP1YLh4gX9nwtM6iG4eCpx7snlAJlPio5LhadHeNZKOky
8CyTVSLEwIVRMWWTBSLlVpzWpRo8LYLcP/GS7ssj5zFeFD0xFynttcdCyqJ1y5D2
kb3f9T2ENWtcdNf90nQpUFzhXOABYvxJI0N3sgVzC0IuAIkEEbjVeqQadNfXdIgQ
vul5m9v/Dh2nShyKwTSL1GbNdCDSVEGnDxMGbim9Dn+qzjYtexsWqZaPbnTLq8Ff
wRtW7ulY8w0ky+nKpdaSMvbfaP0hKIzXXRm80WaU0/HRCRdohfbABjj7hF7M7h6t
1Fuc6AvrcjrPzT69Crde3kT27p8EQOe/i6AyzwDv8Ccd6V3HYWB12bU0fMpa1ekL
v7oDPyLXBVXyEIEGzkPpOyaoQ4qVxDkEXHHx/7UkuQBoN6zULWQC98YldCoM8l4B
0di6aVxR9aQ=jdjK
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2020-2854:01 Important: kernel-alt security and bug fix update

An update for kernel-alt is now available for Red Hat Enterprise Linux 7

Summary

The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
* kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)
* Kernel: ppc: kvm: conflicting use of HSTATE_HOST_R1 to store r1 state leads to host stack corruption (CVE-2020-8834)
* Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888)
* kernel: use after free due to race condition in the video driver leads to local privilege escalation (CVE-2019-9458)
* kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811)
* kernel: use-after-free in drivers/bluetooth/hci_ldisc.c (CVE-2019-15917)
* kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c (CVE-2019-18808)
* kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c (CVE-2019-19767)
* kernel: an out-of-bounds write via crafted keycode table (CVE-2019-20636)
* kernel: use-after-free read in napi_gro_frags() in the Linux kernel (CVE-2020-10720)
* kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c (CVE-2020-11565)
* kernel: A memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for a DoS (CVE-2019-19062)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* XFS: Metadata corruption detected at xfs_attr3_leaf_read_verify [rhel-alt-7.6.z] (BZ#1830836)



Summary


Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.

References

https://access.redhat.com/security/cve/CVE-2018-16884 https://access.redhat.com/security/cve/CVE-2019-9458 https://access.redhat.com/security/cve/CVE-2019-11811 https://access.redhat.com/security/cve/CVE-2019-15917 https://access.redhat.com/security/cve/CVE-2019-18808 https://access.redhat.com/security/cve/CVE-2019-19062 https://access.redhat.com/security/cve/CVE-2019-19767 https://access.redhat.com/security/cve/CVE-2019-20636 https://access.redhat.com/security/cve/CVE-2020-8834 https://access.redhat.com/security/cve/CVE-2020-10720 https://access.redhat.com/security/cve/CVE-2020-11565 https://access.redhat.com/security/cve/CVE-2020-12888 https://access.redhat.com/security/updates/classification/#important

Package List

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
Source: kernel-alt-4.14.0-115.26.1.el7a.src.rpm
aarch64: kernel-4.14.0-115.26.1.el7a.aarch64.rpm kernel-debug-4.14.0-115.26.1.el7a.aarch64.rpm kernel-debug-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm kernel-debug-devel-4.14.0-115.26.1.el7a.aarch64.rpm kernel-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm kernel-debuginfo-common-aarch64-4.14.0-115.26.1.el7a.aarch64.rpm kernel-devel-4.14.0-115.26.1.el7a.aarch64.rpm kernel-headers-4.14.0-115.26.1.el7a.aarch64.rpm kernel-tools-4.14.0-115.26.1.el7a.aarch64.rpm kernel-tools-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm kernel-tools-libs-4.14.0-115.26.1.el7a.aarch64.rpm perf-4.14.0-115.26.1.el7a.aarch64.rpm perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm python-perf-4.14.0-115.26.1.el7a.aarch64.rpm python-perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm
noarch: kernel-abi-whitelists-4.14.0-115.26.1.el7a.noarch.rpm kernel-doc-4.14.0-115.26.1.el7a.noarch.rpm
ppc64le: kernel-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-bootwrapper-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-debug-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-debug-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-devel-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-headers-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-tools-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-tools-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-tools-libs-4.14.0-115.26.1.el7a.ppc64le.rpm perf-4.14.0-115.26.1.el7a.ppc64le.rpm perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm python-perf-4.14.0-115.26.1.el7a.ppc64le.rpm python-perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm
s390x: kernel-4.14.0-115.26.1.el7a.s390x.rpm kernel-debug-4.14.0-115.26.1.el7a.s390x.rpm kernel-debug-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm kernel-debug-devel-4.14.0-115.26.1.el7a.s390x.rpm kernel-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm kernel-debuginfo-common-s390x-4.14.0-115.26.1.el7a.s390x.rpm kernel-devel-4.14.0-115.26.1.el7a.s390x.rpm kernel-headers-4.14.0-115.26.1.el7a.s390x.rpm kernel-kdump-4.14.0-115.26.1.el7a.s390x.rpm kernel-kdump-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm kernel-kdump-devel-4.14.0-115.26.1.el7a.s390x.rpm perf-4.14.0-115.26.1.el7a.s390x.rpm perf-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm python-perf-4.14.0-115.26.1.el7a.s390x.rpm python-perf-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):
aarch64: kernel-debug-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm kernel-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm kernel-debuginfo-common-aarch64-4.14.0-115.26.1.el7a.aarch64.rpm kernel-tools-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm kernel-tools-libs-devel-4.14.0-115.26.1.el7a.aarch64.rpm perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm python-perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm
noarch: kernel-doc-4.14.0-115.26.1.el7a.noarch.rpm
ppc64le: kernel-debug-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-debug-devel-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-tools-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm kernel-tools-libs-devel-4.14.0-115.26.1.el7a.ppc64le.rpm perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm python-perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/


Severity
Advisory ID: RHSA-2020:2854-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:2854
Issued Date: : 2020-07-07
CVE Names: CVE-2018-16884 CVE-2019-9458 CVE-2019-11811 CVE-2019-15917 CVE-2019-18808 CVE-2019-19062 CVE-2019-19767 CVE-2019-20636 CVE-2020-8834 CVE-2020-10720 CVE-2020-11565 CVE-2020-12888

Topic

An update for kernel-alt is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.


Topic


 

Relevant Releases Architectures

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le, s390x

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, noarch, ppc64le


Bugs Fixed

1660375 - CVE-2018-16884 kernel: nfs: use-after-free in svc_process_common()

1709180 - CVE-2019-11811 kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c

1760100 - CVE-2019-15917 kernel: use-after-free in drivers/bluetooth/hci_ldisc.c

1775021 - CVE-2019-19062 kernel: A memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for a DoS

1777418 - CVE-2019-18808 kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c

1781204 - CVE-2020-10720 kernel: use-after-free read in napi_gro_frags() in the Linux kernel

1786160 - CVE-2019-19767 kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c

1819377 - CVE-2019-9458 kernel: use after free due to race condition in the video driver leads to local privilege escalation

1819615 - CVE-2020-8834 Kernel: ppc: kvm: conflicting use of HSTATE_HOST_R1 to store r1 state leads to host stack corruption

1824059 - CVE-2019-20636 kernel: an out-of-bounds write via crafted keycode table

1824918 - CVE-2020-11565 kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c

1836244 - CVE-2020-12888 Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario


Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved