Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2020.2486.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2020:2486-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2020:2486-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2020:2486-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2020-14314: Fixed a potential negative array index in ext4
(bsc#1173798).

CVE-2020-14331: Fixed a missing check in scrollback handling
(bsc#1174205 bsc#1174247).

CVE-2020-14356: Fixed a NULL pointer dereference in the cgroupv2
subsystem (bsc#1175213).

CVE-2020-16166: Fixed an information leak in the network RNG
(bsc#1174757).

The following non-security bugs were fixed:

9p/trans_fd: Fix concurrency del of req_list in
p9_fd_cancelled/p9_read_work (git-fixes).

ACPICA: Do not increment operation_region reference counts for field
units (git-fixes).

af_key: pfkey_dump needs parameter validation (git-fixes).

agp/intel: Fix a memory leak on module initialisation failure
(git-fixes).

ALSA: atmel: Remove invalid 'fall through' comments (git-fixes).

ALSA: core: pcm_iec958: fix kernel-doc (git-fixes).

ALSA: echoaduio: Drop superfluous volatile modifier (git-fixes).

ALSA: echoaudio: Address bugs in the interrupt handling (git-fixes).

ALSA: echoaudio: Fix potential Oops in snd_echo_resume() (git-fixes).

ALSA: echoaudio: Prevent races in calls to set_audio_format()
(git-fixes).

ALSA: echoaudio: Prevent some noise on unloading the module (git-fixes).

ALSA: echoaudio: Race conditions around 'opencount' (git-fixes).

ALSA: echoaudio: re-enable IRQs on failure path (git-fixes).

ALSA: echoaudio: Remove redundant check (git-fixes).

ALSA: firewire: fix kernel-doc (git-fixes).

ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO
(git-fixes).

ALSA: hda - reverse the setting value in the micmute_led_set (git-fixes).

ALSA: hda/ca0132 - Add new quirk ID for Recon3D (git-fixes).

ALSA: hda/ca0132 - Fix AE-5 microphone selection commands (git-fixes).

ALSA: hda/ca0132 - Fix ZxR Headphone gain control get value (git-fixes).

ALSA: hda/hdmi: Add quirk to force connectivity (git-fixes).

ALSA: hda/hdmi: Fix keep_power assignment for non-component devices
(git-fixes).

ALSA: hda/hdmi: Use force connectivity quirk on another HP desktop
(git-fixes).

ALSA: hda/realtek - Fix unused variable warning (git-fixes).

ALSA: hda/realtek - Fixed HP right speaker no sound (git-fixes).

ALSA: hda/realtek: Add alc269/alc662 pin-tables for Loongson-3 laptops
(git-fixes).

ALSA: hda/realtek: Add model alc298-samsung-headphone (git-fixes).

ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion (git-fixes).

ALSA: hda/realtek: Add quirk for Samsung Galaxy Flex Book (git-fixes).

ALSA: hda/realtek: enable headset mic of ASUS ROG Zephyrus G15(GA502)
series with ALC289 (git-fixes).

ALSA: hda/realtek: Fix add a 'ultra_low_power' function for intel
reference board (alc256) (git-fixes).

ALSA: hda/realtek: Fix pin default on Intel NUC 8 Rugged (git-fixes).

ALSA: hda/realtek: typo_fix: enable headset mic of ASUS ROG Zephyrus
G14(GA401) ser... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Workstation Extension 15-SP2, SUSE Linux Enterprise Module for Live Patching 15-SP2, SUSE Linux Enterprise Module for Legacy Software 15-SP2, SUSE Linux Enterprise Module for Development Tools 15-SP2, SUSE Linux Enterprise Module for Basesystem 15-SP2, SUSE Linux Enterprise High Availability 15-SP2

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-14314
Common Vulnerability Exposure (CVE) ID: CVE-2020-14331
Common Vulnerability Exposure (CVE) ID: CVE-2020-14356
Common Vulnerability Exposure (CVE) ID: CVE-2020-16166
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.