Red Hat Security Advisory: kernel security update
🔗 CVE IDs covered (7)
📋 Description
CVE-2017-18551 — kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c CVE-2018-20836 — kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free CVE-2019-9454 — kernel: out of bounds write in i2c driver leads to local escalation of privilege CVE-2019-19046 — kernel: Denial Of Service in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c CVE-2019-19447 — kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c CVE-2019-20636 — kernel: out-of-bounds write via crafted keycode table CVE-2020-12770 — kernel: sg_write function lacks an sg_remove_request call in a certain failure case
🔗 References (10)
- selfhttps://access.redhat.com/errata/RHSA-2020:5656
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1707796
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1757368
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1774988
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1781679
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1818818
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1824059
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1834845
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5656.json