Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2019.14051.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2019:14051-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2019:14051-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2019:14051-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.

Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)
CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)

CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)

CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)

CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory
(MDSUM)

This kernel update contains software mitigations for these issues, which also utilize CPU microcode updates shipped in parallel.

For more information on this set of information leaks, check out [link moved to references]

The following security bugs were fixed:
CVE-2019-9213: The expand_downwards function in mm/mmap.c lacked a check
for the mmap minimum address, which made it easier for attackers to
exploit kernel NULL pointer dereferences on non-SMAP platforms. This is
related to a capability check for the wrong task (bnc#1128166).

CVE-2013-0216: The Xen netback functionality allowed guest OS users to
cause a denial of service (loop) by triggering ring pointer corruption
(bnc#800280).

CVE-2013-0231: The pciback_enable_msi function in the PCI backend driver
(drivers/xen/pciback/conf_space_capability_msi.c) in Xen allowed guest
OS users with PCI device access to cause a denial of service via a large
number of kernel log messages. (bnc#801178).

CVE-2012-3430: The rds_recvmsg function in net/rds/recv.c did not
initialize a certain structure member, which allowed local users to
obtain potentially sensitive information from kernel stack memory via a
recvfrom or recvmsg system call on an RDS socket (bnc#773383).

CVE-2012-3412: The sfc (aka Solarflare Solarstorm) driver allowed remote
attackers to cause a denial of service (DMA descriptor consumption and
network-controller outage) via crafted TCP packets that trigger a small
MSS value (bnc#774523).

CVE-2013-0160: The kernel allowed local users to obtain sensitive
information about keystroke timing by using the inotify API on the
/dev/ptmx device (bnc#797175).

CVE-2013-1979: The scm_set_cred function in include/net/scm.h uses
incorrect uid and gid values during credentials passing, which allowed
local users to gain privileges via a crafted application (bnc#816708).

The following non-security bugs were fixed:
Add opcodes from net: filter: BPF 'JIT' compiler for PPC64 (bsc#1131107).

EHCI: improved logic for isochronous scheduling (bsc#1117515).

KVM: x86: Use jmp to invoke kvm_spurious_fault() from .fixup
(bsc#1129439).

USB: Add new USB LPM helpers (bsc#1129770).

USB: Consolidate LPM checks to avoid enabling LPM twice (bsc#1129770).

USB: EHCI: add new root-hub state: STOPPING (bsc#1117515).

USB: EHCI: add pointer to end of async-unlink list (bsc#1117515).

USB: EHCI: add symbolic constants for QHs (bsc#1... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Debuginfo 11-SP4

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-3412
http://www.openwall.com/lists/oss-security/2012/08/03/4
RedHat Security Advisories: RHSA-2012:1323
http://rhn.redhat.com/errata/RHSA-2012-1323.html
RedHat Security Advisories: RHSA-2012:1324
http://rhn.redhat.com/errata/RHSA-2012-1324.html
RedHat Security Advisories: RHSA-2012:1347
http://rhn.redhat.com/errata/RHSA-2012-1347.html
RedHat Security Advisories: RHSA-2012:1375
http://rhn.redhat.com/errata/RHSA-2012-1375.html
RedHat Security Advisories: RHSA-2012:1401
http://rhn.redhat.com/errata/RHSA-2012-1401.html
RedHat Security Advisories: RHSA-2012:1430
http://rhn.redhat.com/errata/RHSA-2012-1430.html
http://secunia.com/advisories/50633
http://secunia.com/advisories/50732
http://secunia.com/advisories/50811
http://secunia.com/advisories/51193
SuSE Security Announcement: SUSE-SU-2012:1679 (Google Search)
https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html
SuSE Security Announcement: openSUSE-SU-2012:1330 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00005.html
http://www.ubuntu.com/usn/USN-1567-1
http://www.ubuntu.com/usn/USN-1568-1
http://www.ubuntu.com/usn/USN-1572-1
http://www.ubuntu.com/usn/USN-1575-1
http://www.ubuntu.com/usn/USN-1577-1
http://www.ubuntu.com/usn/USN-1578-1
http://www.ubuntu.com/usn/USN-1579-1
http://www.ubuntu.com/usn/USN-1580-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-3430
http://www.openwall.com/lists/oss-security/2012/07/26/5
Common Vulnerability Exposure (CVE) ID: CVE-2013-0160
http://www.openwall.com/lists/oss-security/2013/01/08/3
SuSE Security Announcement: SUSE-SU-2013:0674 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html
SuSE Security Announcement: SUSE-SU-2013:1182 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html
SuSE Security Announcement: openSUSE-SU-2013:0395 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html
SuSE Security Announcement: openSUSE-SU-2013:0925 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
SuSE Security Announcement: openSUSE-SU-2013:1187 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html
http://www.ubuntu.com/usn/USN-2128-1
http://www.ubuntu.com/usn/USN-2129-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-0216
http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
http://www.openwall.com/lists/oss-security/2013/02/05/12
Common Vulnerability Exposure (CVE) ID: CVE-2013-0231
BugTraq ID: 57740
http://www.securityfocus.com/bid/57740
Debian Security Information: DSA-2632 (Google Search)
http://www.debian.org/security/2013/dsa-2632
http://www.openwall.com/lists/oss-security/2013/02/05/9
http://osvdb.org/89903
http://secunia.com/advisories/52059
XForce ISS Database: xen-pcibackenablemsi-dos(81923)
https://exchange.xforce.ibmcloud.com/vulnerabilities/81923
Common Vulnerability Exposure (CVE) ID: CVE-2013-1979
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103750.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104480.html
http://www.openwall.com/lists/oss-security/2013/04/29/1
SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
SuSE Security Announcement: openSUSE-SU-2013:1971 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-9213
BugTraq ID: 107296
http://www.securityfocus.com/bid/107296
https://www.exploit-db.com/exploits/46502/
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1
http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=1792
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162
https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html
RedHat Security Advisories: RHSA-2019:0831
https://access.redhat.com/errata/RHSA-2019:0831
RedHat Security Advisories: RHSA-2019:1479
https://access.redhat.com/errata/RHSA-2019:1479
RedHat Security Advisories: RHSA-2019:1480
https://access.redhat.com/errata/RHSA-2019:1480
SuSE Security Announcement: openSUSE-SU-2019:1085 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00045.html
SuSE Security Announcement: openSUSE-SU-2019:1193 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html
https://usn.ubuntu.com/3930-1/
https://usn.ubuntu.com/3930-2/
https://usn.ubuntu.com/3931-1/
https://usn.ubuntu.com/3931-2/
https://usn.ubuntu.com/3932-1/
https://usn.ubuntu.com/3932-2/
https://usn.ubuntu.com/3933-1/
https://usn.ubuntu.com/3933-2/
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.