kernel (SL7)

Synopsis: Important: kernel security and bug fix update
Advisory ID: SLSA-2020:5437-1
Issue Date: 2020-12-15
CVE Numbers: CVE-2019-18282
CVE-2020-10769
CVE-2020-14314
CVE-2020-14385
CVE-2020-24394
CVE-2020-25212
CVE-2020-25643

Security Fix(es):

* kernel: metadata validator in XFS may cause an inode with a valid,
user-creatable extended attribute to be flagged as corrupt (CVE-2020-14385)

* kernel: The flow_dissector feature allows device tracking
(CVE-2019-18282)

* kernel: Buffer over-read in crypto_authenc_extractkeys() when a payload
longer than 4 bytes is not aligned. (CVE-2020-10769)

* kernel: buffer uses out of index in ext3/4 filesystem (CVE-2020-14314)

* kernel: umask not applied on filesystem without ACL support
(CVE-2020-24394)

* kernel: TOCTOU mismatch in the NFS client code (CVE-2020-25212)

* kernel: improper input validation in ppp_cp_parse_cr function leads to
memory corruption and read overflow (CVE-2020-25643)

SL7
x86_64
bpftool-3.10.0-1160.11.1.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm
kernel-3.10.0-1160.11.1.el7.x86_64.rpm
kernel-debug-3.10.0-1160.11.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.11.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.11.1.el7.x86_64.rpm
kernel-devel-3.10.0-1160.11.1.el7.x86_64.rpm
kernel-headers-3.10.0-1160.11.1.el7.x86_64.rpm
kernel-tools-3.10.0-1160.11.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.11.1.el7.x86_64.rpm
perf-3.10.0-1160.11.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm
python-perf-3.10.0-1160.11.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.11.1.el7.x86_64.rpm
noarch
kernel-abi-whitelists-3.10.0-1160.11.1.el7.noarch.rpm
kernel-doc-3.10.0-1160.11.1.el7.noarch.rpm

– Scientific Linux Development Team