SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:2105-1)

high Nessus Plugin ID 139308

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed :

CVE-2019-19462: relay_open in kernel/relay.c in the Linux kernel allowed local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result (bnc#1158265).

CVE-2019-20810: Fixed a memory leak in go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c because it did not call snd_card_free for a failure path (bnc#1172458).

CVE-2019-20812: An issue was discovered in the prb_calc_retire_blk_tmo() function in net/packet/af_packet.c could result in a denial of service (CPU consumption and soft lockup) in a certain failure case involving TPACKET_V3 (bnc#1172453).

CVE-2020-0305: In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1174462).

CVE-2020-10135: Legacy pairing and secure-connections pairing authentication in Bluetooth® BR/EDR Core Specification v5.2 and earlier may have allowed an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key (bnc#1171988).

CVE-2020-10711: A NULL pointer dereference flaw was found in the SELinux subsystem in versions This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine.
This flaw allowed a remote network user to crash the system kernel, resulting in a denial of service (bnc#1171191).

CVE-2020-10732: A flaw was found in the implementation of Userspace core dumps. This flaw allowed an attacker with a local account to crash a trivial program and exfiltrate private kernel data (bnc#1171220).

CVE-2020-10751: A flaw was found in the SELinux LSM hook implementation, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages within the skb with the granted permission without further processing (bnc#1171189).

CVE-2020-10766: Fixed an issue which allowed an attacker with a local account to disable SSBD protection (bnc#1172781).

CVE-2020-10767: Fixed an issue where Indirect Branch Prediction Barrier was disabled in certain circumstances, leaving the system open to a spectre v2 style attack (bnc#1172782).

CVE-2020-10768: Fixed an issue with the prctl() function, where indirect branch speculation could be enabled even though it was diabled before (bnc#1172783).

CVE-2020-10773: Fixed a memory leak on s390/s390x, in the cmm_timeout_hander in file arch/s390/mm/cmm.c (bnc#1172999).

CVE-2020-10781: A zram sysfs resource consumption was fixed (bnc#1173074).

CVE-2020-12656: Fixed a memory leak in gss_mech_free in the rpcsec_gss_krb5 implementation, caused by a lack of certain domain_release calls (bnc#1171219).

CVE-2020-12769: An issue was discovered in drivers/spi/spi-dw.c allowed attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one (bnc#1171983).

CVE-2020-12771: An issue was discovered in btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails (bnc#1171732).

CVE-2020-12888: The VFIO PCI driver mishandled attempts to access disabled memory space (bnc#1171868).

CVE-2020-13143: gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c relies on kstrdup without considering the possibility of an internal '\0' value, which allowed attackers to trigger an out-of-bounds read (bnc#1171982).

CVE-2020-13974: Fixed a integer overflow in drivers/tty/vt/keyboard.c, if k_ascii is called several times in a row (bnc#1172775).

CVE-2020-14416: Fixed a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free.
This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c (bnc#1162002).

CVE-2020-15393: Fixed a memory leak in usbtest_disconnect (bnc#1173514).

CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c where injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30 (bnc#1173573).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 15-SP2 :

zypper in -t patch SUSE-SLE-Product-WE-15-SP2-2020-2105=1

SUSE Linux Enterprise Module for Live Patching 15-SP2 :

zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2020-2105=1

SUSE Linux Enterprise Module for Legacy Software 15-SP2 :

zypper in -t patch SUSE-SLE-Module-Legacy-15-SP2-2020-2105=1

SUSE Linux Enterprise Module for Development Tools 15-SP2 :

zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP2-2020-2105=1

SUSE Linux Enterprise Module for Basesystem 15-SP2 :

zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-2105=1

SUSE Linux Enterprise High Availability 15-SP2 :

zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2020-2105=1

See Also

https://bugzilla.suse.com/show_bug.cgi?id=1159867

https://bugzilla.suse.com/show_bug.cgi?id=1160947

https://bugzilla.suse.com/show_bug.cgi?id=1161495

https://bugzilla.suse.com/show_bug.cgi?id=1162002

https://bugzilla.suse.com/show_bug.cgi?id=1162063

https://bugzilla.suse.com/show_bug.cgi?id=1162400

https://bugzilla.suse.com/show_bug.cgi?id=1162702

https://bugzilla.suse.com/show_bug.cgi?id=1164648

https://bugzilla.suse.com/show_bug.cgi?id=1164777

https://bugzilla.suse.com/show_bug.cgi?id=1164780

https://bugzilla.suse.com/show_bug.cgi?id=1165211

https://bugzilla.suse.com/show_bug.cgi?id=1165933

https://bugzilla.suse.com/show_bug.cgi?id=1165975

https://bugzilla.suse.com/show_bug.cgi?id=1166985

https://bugzilla.suse.com/show_bug.cgi?id=1167104

https://bugzilla.suse.com/show_bug.cgi?id=1167651

https://bugzilla.suse.com/show_bug.cgi?id=1167773

https://bugzilla.suse.com/show_bug.cgi?id=1168230

https://bugzilla.suse.com/show_bug.cgi?id=1168779

https://bugzilla.suse.com/show_bug.cgi?id=1168838

https://bugzilla.suse.com/show_bug.cgi?id=1168959

https://bugzilla.suse.com/show_bug.cgi?id=1169021

https://bugzilla.suse.com/show_bug.cgi?id=1169094

https://bugzilla.suse.com/show_bug.cgi?id=1169194

https://bugzilla.suse.com/show_bug.cgi?id=1169514

https://bugzilla.suse.com/show_bug.cgi?id=1169681

https://bugzilla.suse.com/show_bug.cgi?id=1169771

https://bugzilla.suse.com/show_bug.cgi?id=1170011

https://bugzilla.suse.com/show_bug.cgi?id=1170284

https://bugzilla.suse.com/show_bug.cgi?id=1170442

https://bugzilla.suse.com/show_bug.cgi?id=1170617

https://bugzilla.suse.com/show_bug.cgi?id=1170774

https://bugzilla.suse.com/show_bug.cgi?id=1170879

https://bugzilla.suse.com/show_bug.cgi?id=1170891

https://bugzilla.suse.com/show_bug.cgi?id=1170895

https://bugzilla.suse.com/show_bug.cgi?id=1171150

https://bugzilla.suse.com/show_bug.cgi?id=1171189

https://bugzilla.suse.com/show_bug.cgi?id=1171191

https://bugzilla.suse.com/show_bug.cgi?id=1171219

https://bugzilla.suse.com/show_bug.cgi?id=1171220

https://bugzilla.suse.com/show_bug.cgi?id=1171246

https://bugzilla.suse.com/show_bug.cgi?id=1171417

https://bugzilla.suse.com/show_bug.cgi?id=1171513

https://bugzilla.suse.com/show_bug.cgi?id=1171529

https://bugzilla.suse.com/show_bug.cgi?id=1171530

https://bugzilla.suse.com/show_bug.cgi?id=1171662

https://bugzilla.suse.com/show_bug.cgi?id=1171688

https://bugzilla.suse.com/show_bug.cgi?id=1171699

https://bugzilla.suse.com/show_bug.cgi?id=1171732

https://bugzilla.suse.com/show_bug.cgi?id=1171739

https://bugzilla.suse.com/show_bug.cgi?id=1171743

https://bugzilla.suse.com/show_bug.cgi?id=1171759

https://bugzilla.suse.com/show_bug.cgi?id=1171828

https://bugzilla.suse.com/show_bug.cgi?id=1171857

https://bugzilla.suse.com/show_bug.cgi?id=1171868

https://bugzilla.suse.com/show_bug.cgi?id=1171904

https://bugzilla.suse.com/show_bug.cgi?id=1171915

https://bugzilla.suse.com/show_bug.cgi?id=1171982

https://bugzilla.suse.com/show_bug.cgi?id=1171983

https://bugzilla.suse.com/show_bug.cgi?id=1171988

https://bugzilla.suse.com/show_bug.cgi?id=1172017

https://bugzilla.suse.com/show_bug.cgi?id=1172046

https://bugzilla.suse.com/show_bug.cgi?id=1172061

https://bugzilla.suse.com/show_bug.cgi?id=1172062

https://bugzilla.suse.com/show_bug.cgi?id=1172063

https://bugzilla.suse.com/show_bug.cgi?id=1172064

https://bugzilla.suse.com/show_bug.cgi?id=1172065

https://bugzilla.suse.com/show_bug.cgi?id=1172066

https://bugzilla.suse.com/show_bug.cgi?id=1172067

https://bugzilla.suse.com/show_bug.cgi?id=1172068

https://bugzilla.suse.com/show_bug.cgi?id=1172069

https://bugzilla.suse.com/show_bug.cgi?id=1172073

https://bugzilla.suse.com/show_bug.cgi?id=1172086

https://bugzilla.suse.com/show_bug.cgi?id=1172095

https://bugzilla.suse.com/show_bug.cgi?id=1172169

https://bugzilla.suse.com/show_bug.cgi?id=1172170

https://bugzilla.suse.com/show_bug.cgi?id=1172201

https://bugzilla.suse.com/show_bug.cgi?id=1172208

https://bugzilla.suse.com/show_bug.cgi?id=1172223

https://bugzilla.suse.com/show_bug.cgi?id=1172342

https://bugzilla.suse.com/show_bug.cgi?id=1172343

https://bugzilla.suse.com/show_bug.cgi?id=1172344

https://bugzilla.suse.com/show_bug.cgi?id=1172365

https://bugzilla.suse.com/show_bug.cgi?id=1172366

https://bugzilla.suse.com/show_bug.cgi?id=1172374

https://bugzilla.suse.com/show_bug.cgi?id=1172391

https://bugzilla.suse.com/show_bug.cgi?id=1172393

https://bugzilla.suse.com/show_bug.cgi?id=1172394

https://bugzilla.suse.com/show_bug.cgi?id=1172453

https://bugzilla.suse.com/show_bug.cgi?id=1172458

https://bugzilla.suse.com/show_bug.cgi?id=1172467

https://bugzilla.suse.com/show_bug.cgi?id=1172484

https://bugzilla.suse.com/show_bug.cgi?id=1172537

https://bugzilla.suse.com/show_bug.cgi?id=1172543

https://bugzilla.suse.com/show_bug.cgi?id=1172687

https://bugzilla.suse.com/show_bug.cgi?id=1172719

https://bugzilla.suse.com/show_bug.cgi?id=1172739

https://bugzilla.suse.com/show_bug.cgi?id=1172751

https://bugzilla.suse.com/show_bug.cgi?id=1172759

https://bugzilla.suse.com/show_bug.cgi?id=1172775

https://bugzilla.suse.com/show_bug.cgi?id=1172781

https://bugzilla.suse.com/show_bug.cgi?id=1172782

https://bugzilla.suse.com/show_bug.cgi?id=1172783

https://bugzilla.suse.com/show_bug.cgi?id=1172814

https://bugzilla.suse.com/show_bug.cgi?id=1172823

https://bugzilla.suse.com/show_bug.cgi?id=1172841

https://bugzilla.suse.com/show_bug.cgi?id=1172871

https://bugzilla.suse.com/show_bug.cgi?id=1172938

https://bugzilla.suse.com/show_bug.cgi?id=1172939

https://bugzilla.suse.com/show_bug.cgi?id=1172940

https://bugzilla.suse.com/show_bug.cgi?id=1172956

https://bugzilla.suse.com/show_bug.cgi?id=1172983

https://bugzilla.suse.com/show_bug.cgi?id=1172984

https://bugzilla.suse.com/show_bug.cgi?id=1172985

https://bugzilla.suse.com/show_bug.cgi?id=1172986

https://bugzilla.suse.com/show_bug.cgi?id=1172987

https://bugzilla.suse.com/show_bug.cgi?id=1172988

https://bugzilla.suse.com/show_bug.cgi?id=1172989

https://bugzilla.suse.com/show_bug.cgi?id=1172990

https://bugzilla.suse.com/show_bug.cgi?id=1172999

https://bugzilla.suse.com/show_bug.cgi?id=1173060

https://bugzilla.suse.com/show_bug.cgi?id=1173068

https://bugzilla.suse.com/show_bug.cgi?id=1173074

https://bugzilla.suse.com/show_bug.cgi?id=1173085

https://bugzilla.suse.com/show_bug.cgi?id=1173139

https://bugzilla.suse.com/show_bug.cgi?id=1173206

https://bugzilla.suse.com/show_bug.cgi?id=1173271

https://bugzilla.suse.com/show_bug.cgi?id=1173280

https://bugzilla.suse.com/show_bug.cgi?id=1173284

https://bugzilla.suse.com/show_bug.cgi?id=1173428

https://bugzilla.suse.com/show_bug.cgi?id=1173438

https://bugzilla.suse.com/show_bug.cgi?id=1173461

https://bugzilla.suse.com/show_bug.cgi?id=1173514

https://bugzilla.suse.com/show_bug.cgi?id=1173552

https://bugzilla.suse.com/show_bug.cgi?id=1173573

https://bugzilla.suse.com/show_bug.cgi?id=1173625

https://bugzilla.suse.com/show_bug.cgi?id=1173746

https://bugzilla.suse.com/show_bug.cgi?id=1173776

https://bugzilla.suse.com/show_bug.cgi?id=1173817

https://bugzilla.suse.com/show_bug.cgi?id=1173818

https://bugzilla.suse.com/show_bug.cgi?id=1173820

https://bugzilla.suse.com/show_bug.cgi?id=1173822

https://bugzilla.suse.com/show_bug.cgi?id=1173823

https://bugzilla.suse.com/show_bug.cgi?id=1173824

https://bugzilla.suse.com/show_bug.cgi?id=1173825

https://bugzilla.suse.com/show_bug.cgi?id=1173826

https://bugzilla.suse.com/show_bug.cgi?id=1173827

https://bugzilla.suse.com/show_bug.cgi?id=1173828

https://bugzilla.suse.com/show_bug.cgi?id=1173830

https://bugzilla.suse.com/show_bug.cgi?id=1173831

https://bugzilla.suse.com/show_bug.cgi?id=1173832

https://bugzilla.suse.com/show_bug.cgi?id=1173833

https://bugzilla.suse.com/show_bug.cgi?id=1173834

https://bugzilla.suse.com/show_bug.cgi?id=1173836

https://bugzilla.suse.com/show_bug.cgi?id=1173837

https://bugzilla.suse.com/show_bug.cgi?id=1173838

https://bugzilla.suse.com/show_bug.cgi?id=1173839

https://bugzilla.suse.com/show_bug.cgi?id=1173841

https://bugzilla.suse.com/show_bug.cgi?id=1173843

https://bugzilla.suse.com/show_bug.cgi?id=1173844

https://bugzilla.suse.com/show_bug.cgi?id=1173845

https://bugzilla.suse.com/show_bug.cgi?id=1173847

https://bugzilla.suse.com/show_bug.cgi?id=1173849

https://bugzilla.suse.com/show_bug.cgi?id=1173860

https://bugzilla.suse.com/show_bug.cgi?id=1173894

https://bugzilla.suse.com/show_bug.cgi?id=1173941

https://bugzilla.suse.com/show_bug.cgi?id=1174018

https://bugzilla.suse.com/show_bug.cgi?id=1174072

https://bugzilla.suse.com/show_bug.cgi?id=1174116

https://bugzilla.suse.com/show_bug.cgi?id=1174126

https://bugzilla.suse.com/show_bug.cgi?id=1174127

https://bugzilla.suse.com/show_bug.cgi?id=1174128

https://bugzilla.suse.com/show_bug.cgi?id=1174129

https://bugzilla.suse.com/show_bug.cgi?id=1174185

https://bugzilla.suse.com/show_bug.cgi?id=1174244

https://bugzilla.suse.com/show_bug.cgi?id=1174263

https://bugzilla.suse.com/show_bug.cgi?id=1174264

https://bugzilla.suse.com/show_bug.cgi?id=1174331

https://bugzilla.suse.com/show_bug.cgi?id=1174332

https://bugzilla.suse.com/show_bug.cgi?id=1174333

https://bugzilla.suse.com/show_bug.cgi?id=1174345

https://bugzilla.suse.com/show_bug.cgi?id=1174356

https://bugzilla.suse.com/show_bug.cgi?id=1174396

https://bugzilla.suse.com/show_bug.cgi?id=1174398

https://bugzilla.suse.com/show_bug.cgi?id=1174407

https://bugzilla.suse.com/show_bug.cgi?id=1174409

https://bugzilla.suse.com/show_bug.cgi?id=1174411

https://bugzilla.suse.com/show_bug.cgi?id=1174438

https://bugzilla.suse.com/show_bug.cgi?id=1174462

https://bugzilla.suse.com/show_bug.cgi?id=1174513

https://bugzilla.suse.com/show_bug.cgi?id=1174527

https://bugzilla.suse.com/show_bug.cgi?id=1174543

https://bugzilla.suse.com/show_bug.cgi?id=1174627

https://bugzilla.suse.com/show_bug.cgi?id=962849

https://www.suse.com/security/cve/CVE-2019-19462/

https://www.suse.com/security/cve/CVE-2019-20810/

https://www.suse.com/security/cve/CVE-2019-20812/

https://www.suse.com/security/cve/CVE-2020-0305/

https://www.suse.com/security/cve/CVE-2020-10135/

https://www.suse.com/security/cve/CVE-2020-10711/

https://www.suse.com/security/cve/CVE-2020-10732/

https://www.suse.com/security/cve/CVE-2020-10751/

https://www.suse.com/security/cve/CVE-2020-10766/

https://www.suse.com/security/cve/CVE-2020-10767/

https://www.suse.com/security/cve/CVE-2020-10768/

https://www.suse.com/security/cve/CVE-2020-10773/

https://www.suse.com/security/cve/CVE-2020-10781/

https://www.suse.com/security/cve/CVE-2020-12656/

https://www.suse.com/security/cve/CVE-2020-12769/

https://www.suse.com/security/cve/CVE-2020-12771/

https://www.suse.com/security/cve/CVE-2020-12888/

https://www.suse.com/security/cve/CVE-2020-13143/

https://www.suse.com/security/cve/CVE-2020-13974/

https://www.suse.com/security/cve/CVE-2020-14416/

https://www.suse.com/security/cve/CVE-2020-15393/

https://www.suse.com/security/cve/CVE-2020-15780/

http://www.nessus.org/u?965229cb

https://bugzilla.suse.com/show_bug.cgi?id=1058115

https://bugzilla.suse.com/show_bug.cgi?id=1065729

https://bugzilla.suse.com/show_bug.cgi?id=1071995

https://bugzilla.suse.com/show_bug.cgi?id=1085030

https://bugzilla.suse.com/show_bug.cgi?id=1148868

https://bugzilla.suse.com/show_bug.cgi?id=1152472

https://bugzilla.suse.com/show_bug.cgi?id=1152489

https://bugzilla.suse.com/show_bug.cgi?id=1153274

https://bugzilla.suse.com/show_bug.cgi?id=1154353

https://bugzilla.suse.com/show_bug.cgi?id=1154492

https://bugzilla.suse.com/show_bug.cgi?id=1155518

https://bugzilla.suse.com/show_bug.cgi?id=1155798

https://bugzilla.suse.com/show_bug.cgi?id=1156395

https://bugzilla.suse.com/show_bug.cgi?id=1157169

https://bugzilla.suse.com/show_bug.cgi?id=1158050

https://bugzilla.suse.com/show_bug.cgi?id=1158242

https://bugzilla.suse.com/show_bug.cgi?id=1158265

https://bugzilla.suse.com/show_bug.cgi?id=1158748

https://bugzilla.suse.com/show_bug.cgi?id=1158765

https://bugzilla.suse.com/show_bug.cgi?id=1158983

https://bugzilla.suse.com/show_bug.cgi?id=1159781

Plugin Details

Severity: High

ID: 139308

File Name: suse_SU-2020-2105-1.nasl

Version: 1.5

Type: local

Agent: unix

Published: 8/4/2020

Updated: 5/12/2022

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2020-15780

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2020-13974

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-preempt-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo, p-cpe:/a:novell:suse_linux:kernel-preempt, p-cpe:/a:novell:suse_linux:kernel-default-debugsource, p-cpe:/a:novell:suse_linux:kernel-preempt-debugsource, p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo, p-cpe:/a:novell:suse_linux:kernel-preempt-devel-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-preempt-devel, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/3/2020

Vulnerability Publication Date: 11/30/2019

Reference Information

CVE: CVE-2019-19462, CVE-2019-20810, CVE-2019-20812, CVE-2020-0305, CVE-2020-10135, CVE-2020-10711, CVE-2020-10732, CVE-2020-10751, CVE-2020-10766, CVE-2020-10767, CVE-2020-10768, CVE-2020-10773, CVE-2020-10781, CVE-2020-12656, CVE-2020-12769, CVE-2020-12771, CVE-2020-12888, CVE-2020-13143, CVE-2020-13974, CVE-2020-14416, CVE-2020-15393, CVE-2020-15780