
Test ID:
Category: SuSE Local Security Checks
Title: SUSE: Security Advisory (SUSE-SU-2018:0040-1)
Summary: The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2018:0040-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes.
This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory.
- CVE-2017-5753: Local attackers on systems with modern CPUs featuring
deep instruction pipelining could use attacker controllable speculative
execution over code patterns in the Linux Kernel to leak content from
otherwise not readable memory in the same address space, allowing
retrieval of passwords, cryptographic keys and other secrets.
This problem is mitigated by adding speculative fencing on affected code paths throughout the Linux kernel.
- CVE-2017-5715: Local attackers on systems with modern CPUs featuring
branch prediction could use mispredicted branches to speculatively
execute code patterns that in turn could be made to leak other
non-readable content in the same address space, an attack similar to
This problem is mitigated by disabling predictive branches, depending
on CPU architecture either by firmware updates and/or fixes in the
user-kernel privilege boundaries.
Please contact your CPU / hardware vendor for potential microcode
or BIOS updates needed for this fix.
As this feature can have a performance impact, it can be disabled using the 'nospec' kernel commandline option.
- CVE-2017-5754: Local attackers on systems with modern CPUs featuring
deep instruction pipelining could use code patterns in userspace to
speculatively execute code that would read otherwise read-protected
memory, an attack similar to CVE-2017-5753.
This problem is mitigated by unmapping the Linux Kernel from the user address space during user code execution, following an approach called
'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation'
and 'PTI' / 'Page Table Isolation'.
This feature is disabled on unaffected architectures.
This feature can be enabled / disabled by the 'pti=[on|off|auto]' or
'nopti' commandline options.
The following security bugs were fixed:
- CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel (BlueZ)
was vulnerable to a stack overflow in the processing of
L2CAP configuration responses, resulting in remote code execution in
kernel space (bnc#1057389).
- CVE-2017-11600: net/xfrm/xfrm_policy.c in the Linux kernel did not
ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or
less, which allowed local users to cause a denial of service
(out-of-bounds access) or possibly have unspecified other impact via an
XFRM_MSG_MIGRATE xfrm Netlink message (bnc#1050231).
- CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed
reinstallation of the Group Temporal Key (GTK) during the group key
handshake, allowing an attacker within radio range to replay frames from
access points to clients (bnc#1063667).
- CVE-2... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Server 11-SP3, SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP3

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-5715
BugTraq ID: 102376
Bugtraq: 20190624 [SECURITY] [DSA 4469-1] libvirt security update
Bugtraq: 20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu
CERT/CC vulnerability note: VU#180049
CERT/CC vulnerability note: VU#584653
Cisco Security Advisory: 20180104 CPU Side-Channel Information Disclosure Vulnerabilities
Debian Security Information: DSA-4120
Debian Security Information: DSA-4187
Debian Security Information: DSA-4188
Debian Security Information: DSA-4213
FreeBSD Security Advisory: FreeBSD-SA-18:03
RedHat Security Advisories: RHSA-2018:0292
SuSE Security Announcement: SUSE-SU-2018:0006
SuSE Security Announcement: SUSE-SU-2018:0007
SuSE Security Announcement: SUSE-SU-2018:0008
SuSE Security Announcement: SUSE-SU-2018:0009
SuSE Security Announcement: SUSE-SU-2018:0010
SuSE Security Announcement: SUSE-SU-2018:0011
SuSE Security Announcement: SUSE-SU-2018:0012
SuSE Security Announcement: SUSE-SU-2018:0019
SuSE Security Announcement: SUSE-SU-2018:0020
SuSE Security Announcement: openSUSE-SU-2018:0013
SuSE Security Announcement: openSUSE-SU-2018:0022
SuSE Security Announcement: openSUSE-SU-2018:0023
Common Vulnerability Exposure (CVE) ID: CVE-2017-5753
BugTraq ID: 102371
Common Vulnerability Exposure (CVE) ID: CVE-2017-5754
BugTraq ID: 102378
BugTraq ID: 106128
Debian Security Information: DSA-4078
Debian Security Information: DSA-4082
Common Vulnerability Exposure (CVE) ID: CVE-2017-7472
BugTraq ID: 98422
RedHat Security Advisories: RHSA-2018:0151
RedHat Security Advisories: RHSA-2018:0152
RedHat Security Advisories: RHSA-2018:0181
Common Vulnerability Exposure (CVE) ID: CVE-2017-8824
BugTraq ID: 102056
Debian Security Information: DSA-4073
RedHat Security Advisories: RHSA-2018:0399
RedHat Security Advisories: RHSA-2018:0676
RedHat Security Advisories: RHSA-2018:1062
RedHat Security Advisories: RHSA-2018:1130
RedHat Security Advisories: RHSA-2018:1170
RedHat Security Advisories: RHSA-2018:1216
RedHat Security Advisories: RHSA-2018:1319
RedHat Security Advisories: RHSA-2018:3822
Copyright: Copyright (C) 2021 Greenbone Networks GmbH


© 1998-2021 E-Soft Inc. All rights reserved.