|Category:||SuSE Local Security Checks|
|Title:||SUSE: Security Advisory (SUSE-SU-2019:0150-1)|
|Summary:||The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2019:0150-1 advisory.|
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2019:0150-1 advisory.
The SUSE Linux Enterprise 15 kernel for Azure was updated to receive various security and bugfixes.
The following security bugs were fixed:
CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory
corruption due to type confusion. This could lead to local escalation of
privilege with no additional execution privileges needed. User
interaction is not needed for exploitation. (bnc#1118319).
CVE-2018-12232: In net/socket.c there is a race condition between
fchownat and close in cases where they target the same socket file
descriptor, related to the sock_close and sockfs_setattr functions.
fchownat did not increment the file descriptor reference count, which
allowed close to set the socket to NULL during fchownat's execution,
leading to a NULL pointer dereference and system crash (bnc#1097593).
CVE-2018-14625: A flaw was found where an attacker may be able to have
an uncontrolled read to kernel-memory from within a vm guest. A race
condition between connect() and close() function may allow an attacker
using the AF_VSOCK protocol to gather a 4 byte information leak or
possibly intercept or corrupt AF_VSOCK messages destined to other
CVE-2018-16862: A security flaw was found in the way that the cleancache
subsystem clears an inode after the final file truncation (removal). The
new file created with the same inode may contain leftover pages from
cleancache and the old file data instead of the new one (bnc#1117186).
CVE-2018-16884: NFS41+ shares mounted in different network namespaces at
the same time can make bc_svc_process() use wrong back-channel IDs and
cause a use-after-free vulnerability. Thus a malicious container user
can cause a host kernel memory corruption and a system panic. Due to the
nature of the flaw, privilege escalation cannot be fully ruled out
CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping
pagetable locks. If a syscall such as ftruncate() removes entries from
the pagetables of a task that is in the middle of mremap(), a stale TLB
entry can remain for a short time that permits access to a physical page
after it has been released back to the page allocator and reused.
CVE-2018-18397: The userfaultfd implementation mishandled access control
for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users
to write data into holes in a tmpfs file (if the user has read-only
access to that file, and that file contains holes), related to
fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).
CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c
allowed local users to cause a denial of service (NULL pointer
dereference and BUG) via crafted system calls that reach a situation
where ioapic is uninitialized (bnc#1116841).
CVE-2018-19824: A local user could exploit a use-after-free in the ALSA
driver by supplying a malici... [Please see the references for more information on the vulnerabilities]
'Linux Kernel' package(s) on SUSE Linux Enterprise Module for Public Cloud 15
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2013-2547|
SuSE Security Announcement: openSUSE-SU-2013:1971 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2018-9568
RedHat Security Advisories: RHSA-2019:0512
RedHat Security Advisories: RHSA-2019:0514
RedHat Security Advisories: RHSA-2019:2696
RedHat Security Advisories: RHSA-2019:2730
RedHat Security Advisories: RHSA-2019:2736
RedHat Security Advisories: RHSA-2019:3967
RedHat Security Advisories: RHSA-2019:4056
RedHat Security Advisories: RHSA-2019:4159
RedHat Security Advisories: RHSA-2019:4164
RedHat Security Advisories: RHSA-2019:4255
|Copyright||Copyright (C) 2021 Greenbone Networks GmbH|
|This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.