Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2018.3003.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2018:3003-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2018:3003-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2018:3003-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.156 to receive various security and bugfixes.

The following security bugs were fixed:
CVE-2018-16597: Incorrect access checking in overlayfs mounts could have
been used by local attackers to modify or truncate files in the
underlying filesystem (bnc#1106512).

CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page()
when mounting and operating a crafted btrfs image, caused by a lack of
block group item validation in check_leaf_item (bsc#1102896)

CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link)
in an hfs+ filesystem that has malformed catalog data, and is mounted
read-only without a metadata directory (bsc#1102870)

CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in
yurex_read allowed local attackers to use user access read/writes to
crash the kernel or potentially escalate privileges (bsc#1106095)

CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in
drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial
of service (memory consumption) via many read accesses to files in the
/sys/class/sas_phy directory, as demonstrated by the
/sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536)

CVE-2018-7480: The blkcg_init_queue function allowed local users to
cause a denial of service (double free) or possibly have unspecified
other impact by triggering a creation failure (bsc#1082863).

CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c
mishandled sequence number overflows. An attacker can trigger a
use-after-free (and possibly gain privileges) via certain thread
creation, map, unmap, invalidation, and dereference operations
(bnc#1108399).

The following non-security bugs were fixed:
asm/sections: add helpers to check for section data (bsc#1063026).

ASoC: wm8994: Fix missing break in switch (bnc#1012382).

block: bvec_nr_vecs() returns value for wrong slab (bsc#1082979).

bpf: fix overflow in prog accounting (bsc#1012382).

btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896,
bsc#1102879, bsc#1102877, bsc#1102875,).

btrfs: Add sanity check for EXTENT_DATA when reading out leaf
(bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).

btrfs: Check if item pointer overlaps with the item itself (bsc#1102882,
bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).

btrfs: Check that each block group has corresponding chunk at mount time
(bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).

btrfs: Introduce mount time chunk dev extent mapping check
(bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).

btrfs: Move leaf and node validation checker to tree-checker.c
(bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).

btrfs: relocation: Only remove reloc rb_trees if... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Workstation Extension 12-SP3, SUSE Linux Enterprise Software Development Kit 12-SP3, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise High Availability 12-SP3, SUSE Linux Enterprise Desktop 12-SP3, SUSE CaaS Platform ALL, SUSE CaaS Platform 3.0

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-7480
Debian Security Information: DSA-4188 (Google Search)
https://www.debian.org/security/2018/dsa-4188
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b54d816e00425c3a517514e0d677bb3cec49258
https://github.com/torvalds/linux/commit/9b54d816e00425c3a517514e0d677bb3cec49258
https://usn.ubuntu.com/3654-1/
https://usn.ubuntu.com/3654-2/
https://usn.ubuntu.com/3656-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-7757
BugTraq ID: 103348
http://www.securityfocus.com/bid/103348
Debian Security Information: DSA-4187 (Google Search)
https://www.debian.org/security/2018/dsa-4187
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4a491b1ab11ca0556d2fda1ff1301e862a2d44c4
https://github.com/torvalds/linux/commit/4a491b1ab11ca0556d2fda1ff1301e862a2d44c4
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
RedHat Security Advisories: RHSA-2018:2948
https://access.redhat.com/errata/RHSA-2018:2948
RedHat Security Advisories: RHSA-2018:3083
https://access.redhat.com/errata/RHSA-2018:3083
RedHat Security Advisories: RHSA-2018:3096
https://access.redhat.com/errata/RHSA-2018:3096
https://usn.ubuntu.com/3697-1/
https://usn.ubuntu.com/3697-2/
https://usn.ubuntu.com/3698-1/
https://usn.ubuntu.com/3698-2/
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.