Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2019:2071-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2019:2071-1 advisory.
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2019:2071-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:
CVE-2018-20855: An issue was discovered in the Linux kernel In
create_qp_common in drivers/infiniband/hw/mlx5/qp.c,
mlx5_ib_create_qp_resp was never initialized, resulting in a leak of
stack memory to userspace(bsc#1143045).

CVE-2019-1125: Exclude ATOMs from speculation through SWAPGS

CVE-2019-14283: In the Linux kernel, set_geometry in
drivers/block/floppy.c did not validate the sect and head fields, as
demonstrated by an integer overflow and out-of-bounds read. It could be
triggered by an unprivileged local user when a floppy disk was inserted.
NOTE: QEMU creates the floppy device by default. (bnc#1143191)

CVE-2019-11810: An issue was discovered in the Linux kernel A NULL
pointer dereference could occur when megasas_create_frame_pool() failed
in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c.
This caused a Denial of Service, related to a use-after-free

CVE-2019-13648: In the Linux kernel on the powerpc platform, when
hardware transactional memory was disabled, a local user could cause a
denial of service (TM Bad Thing exception and system crash) via a
sigreturn() system call that sent a crafted signal frame. (bnc#1142254)

CVE-2019-13631: In parse_hid_report_descriptor in
drivers/input/tablet/gtco.c in the Linux kernel, a malicious USB device
could send an HID report that triggered an out-of-bounds write during
generation of debugging messages. (bnc#1142023)

The following non-security bugs were fixed:
Correct the CVE and bug reference for a floppy security fix
(CVE-2019-14284,bsc#1143189) A dedicated CVE was already assigned

acpi/nfit: Always dump _DSM output payload (bsc#1142351).

Add back sibling paca poiter to paca (bsc#1055117).

Add support for crct10dif-vpmsum ().

af_unix: remove redundant lockdep class (git-fixes). alsa: compress: Be
more restrictive about when a drain is allowed (bsc#1051510).

alsa: compress: Do not allow partial drain operations on capture
streams (bsc#1051510).

alsa: compress: Fix regression on compressed capture streams

alsa: compress: Prevent bypasses of set_params (bsc#1051510).

alsa: hda - Add a conexant codec entry to let mute led work

alsa: hda/realtek: apply ALC891 headset fixup to one Dell machine

alsa: hda/realtek - Fixed Headphone Mic can't record on Dell platform

alsa: hda/realtek - Headphone Mic can't record after S3 (bsc#1051510).

alsa: line6: Fix a typo (bsc#1051510).

alsa: line6: Fix wrong altsetting for LINE6_PODHD500_1 (bsc#1051510).

alsa: seq: Break too long mutex context in the write loop (bsc#1051510).

alsa: usb-audio: Add quirk for Focusrite Scarlett Solo (bsc#1051510).

alsa: usb-audio: Add quirk for MOTU MicroBook II (bsc#1051510).

alsa: us... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Workstation Extension 15, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Module for Live Patching 15, SUSE Linux Enterprise Module for Legacy Software 15, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Basesystem 15, SUSE Linux Enterprise High Availability 15

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-1125
RedHat Security Advisories: RHBA-2019:2824
RedHat Security Advisories: RHBA-2019:3248
RedHat Security Advisories: RHSA-2019:2600
RedHat Security Advisories: RHSA-2019:2609
RedHat Security Advisories: RHSA-2019:2695
RedHat Security Advisories: RHSA-2019:2696
RedHat Security Advisories: RHSA-2019:2730
RedHat Security Advisories: RHSA-2019:2899
RedHat Security Advisories: RHSA-2019:2900
RedHat Security Advisories: RHSA-2019:2975
RedHat Security Advisories: RHSA-2019:3011
RedHat Security Advisories: RHSA-2019:3220
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.