Synopsis:          Important: kernel security and bug fix update
Advisory ID:       SLSA-2020:5437-1
Issue Date:        2020-12-15
CVE Numbers:       None
--

Security Fix(es):

* kernel: metadata validator in XFS may cause an inode with a valid,
user-creatable extended attribute to be flagged as corrupt (CVE-2020-14385)

* kernel: The flow_dissector feature allows device tracking
(CVE-2019-18282)

* kernel: Buffer over-read in crypto_authenc_extractkeys() when a payload
longer than 4 bytes is not aligned. (CVE-2020-10769)

* kernel: buffer uses out of index in ext3/4 filesystem (CVE-2020-14314)

* kernel: umask not applied on filesystem without ACL support
(CVE-2020-24394)

* kernel: TOCTOU mismatch in the NFS client code (CVE-2020-25212)

* kernel: improper input validation in ppp_cp_parse_cr function leads to
memory corruption and read overflow (CVE-2020-25643)
--

SL7
  x86_64
    bpftool-3.10.0-1160.11.1.el7.x86_64.rpm
    bpftool-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm
    kernel-3.10.0-1160.11.1.el7.x86_64.rpm
    kernel-debug-3.10.0-1160.11.1.el7.x86_64.rpm
    kernel-debug-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm
    kernel-debug-devel-3.10.0-1160.11.1.el7.x86_64.rpm
    kernel-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm
    kernel-debuginfo-common-x86_64-3.10.0-1160.11.1.el7.x86_64.rpm
    kernel-devel-3.10.0-1160.11.1.el7.x86_64.rpm
    kernel-headers-3.10.0-1160.11.1.el7.x86_64.rpm
    kernel-tools-3.10.0-1160.11.1.el7.x86_64.rpm
    kernel-tools-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm
    kernel-tools-libs-3.10.0-1160.11.1.el7.x86_64.rpm
    perf-3.10.0-1160.11.1.el7.x86_64.rpm
    perf-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm
    python-perf-3.10.0-1160.11.1.el7.x86_64.rpm
    python-perf-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm
    kernel-tools-libs-devel-3.10.0-1160.11.1.el7.x86_64.rpm
  noarch
    kernel-abi-whitelists-3.10.0-1160.11.1.el7.noarch.rpm
    kernel-doc-3.10.0-1160.11.1.el7.noarch.rpm

- Scientific Linux Development Team