Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2020.1146.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2020:1146-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2020:1146-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2020:1146-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2020-8834: KVM on Power8 processors had a conflicting use of
HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in
kvmppc_{save,restore}_tm, leading to a stack corruption. Because of
this, an attacker with the ability to run code in kernel space of a
guest VM can cause the host kernel to panic (bnc#1168276).

CVE-2020-11494: An issue was discovered in slc_bump in
drivers/net/can/slcan.c, which allowed attackers to read uninitialized
can_frame data, potentially containing sensitive information from kernel
stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL
(bnc#1168424).

CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks
validation of an sk_family field, which might allow attackers to trigger
kernel stack corruption via crafted system calls (bnc#1167629).

CVE-2019-9458: In the video driver there was a use after free due to a
race condition. This could lead to local escalation of privilege with no
additional execution privileges needed (bnc#1168295).

CVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a
system crash (bnc#1120386).

CVE-2019-19770: Fixed a use-after-free in the debugfs_remove function
(bsc#1159198).

CVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S
did not have save/restore functionality for PNV_POWERSAVE_AMR,
PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).

The following non-security bugs were fixed:

ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro (bsc#1051510).

ACPI: watchdog: Fix gas->access_width usage (bsc#1051510).

ahci: Add support for Amazon's Annapurna Labs SATA controller
(bsc#1169013).

ALSA: ali5451: remove redundant variable capture_flag (bsc#1051510).

ALSA: core: Add snd_device_get_state() helper (bsc#1051510).

ALSA: core: Replace zero-length array with flexible-array member
(bsc#1051510).

ALSA: emu10k1: Fix endianness annotations (bsc#1051510).

ALSA: hda/ca0132 - Add Recon3Di quirk to handle integrated sound on EVGA
X99 Classified motherboard (bsc#1051510).

ALSA: hda/ca0132 - Replace zero-length array with flexible-array member
(bsc#1051510).

ALSA: hda_codec: Replace zero-length array with flexible-array member
(bsc#1051510).

ALSA: hda: default enable CA0132 DSP support (bsc#1051510).

ALSA: hda: Fix potential access overflow in beep helper (bsc#1051510).

ALSA: hda/realtek - a fake key event is triggered by running shutup
(bsc#1051510).

ALSA: hda/realtek - Enable headset mic of Acer X2660G with ALC662
(git-fixes).

ALSA: hda/realtek: Enable mute LED on an HP system (bsc#1051510).

ALSA: hda/realtek - Enable the headset of Acer N50-600 with ALC662
(git-fixes).

ALSA: hda/realtek: Fix pop noise on ALC225 (git-fixes).

ALSA: hda/realtek - Remove now-unnecessary XPS 13 headphone noise fixups
(bs... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Workstation Extension 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1, SUSE Linux Enterprise Module for Live Patching 15-SP1, SUSE Linux Enterprise Module for Legacy Software 15-SP1, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Basesystem 15-SP1, SUSE Linux Enterprise High Availability 15-SP1

Solution:
Please install the updated package(s).

CVSS Score:
6.4

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-3701
BugTraq ID: 106443
http://www.securityfocus.com/bid/106443
https://bugzilla.suse.com/show_bug.cgi?id=1120386
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=0aaa81377c5a01f686bcdb8c7a6929a7bf330c68
https://marc.info/?l=linux-netdev&m=154651842302479&w=2
https://marc.info/?l=linux-netdev&m=154661373531512&w=2
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html
SuSE Security Announcement: openSUSE-SU-2020:0543 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html
https://usn.ubuntu.com/3932-1/
https://usn.ubuntu.com/3932-2/
https://usn.ubuntu.com/4115-1/
https://usn.ubuntu.com/4118-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-9458
https://source.android.com/security/bulletin/pixel/2019-09-01
Common Vulnerability Exposure (CVE) ID: CVE-2020-8834
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1867717
https://usn.ubuntu.com/usn/usn-4318-1
https://www.openwall.com/lists/oss-security/2020/04/06/2
https://usn.ubuntu.com/4318-1/
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.