SUSE-SU-2019:2572-1

Published: 08 Oct 2019
Source: suse-cvrf

Description

Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-195 fixes several issues.

The following security issue was fixed:

  • CVE-2019-14835: A buffer overflow flaw was found in the way the vhost functionality, which translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host while migration is underway could use this flaw to increase their privileges on the host (bsc#1151021).

Package list

SUSE Linux Enterprise Live Patching 12 SP4
kgraft-patch-4_12_14-95_29-default-2-2.1
kgraft-patch-4_12_14-95_24-default-2-2.1
kgraft-patch-4_12_14-95_16-default-4-2.1
kgraft-patch-4_12_14-95_19-default-3-2.1
kgraft-patch-4_12_14-95_13-default-4-2.1
kgraft-patch-4_12_14-95_6-default-5-2.1
kgraft-patch-4_12_14-95_3-default-6-2.1
kgraft-patch-4_12_14-94_41-default-7-2.19.1
SUSE Linux Enterprise Live Patching 15
kernel-livepatch-4_12_14-150_32-default-2-2.1
kernel-livepatch-4_12_14-25_25-default-6-2.1
kernel-livepatch-4_12_14-150_22-default-3-2.1
kernel-livepatch-4_12_14-150_17-default-4-2.1
kernel-livepatch-4_12_14-25_19-default-8-2.1
kernel-livepatch-4_12_14-25_22-default-7-2.1
kernel-livepatch-4_12_14-150_14-default-4-2.1
kernel-livepatch-4_12_14-25_28-default-5-2.1
kernel-livepatch-4_12_14-150_27-default-2-2.1
SUSE Linux Enterprise Live Patching 15 SP1
kernel-livepatch-4_12_14-197_4-default-5-2.1
kernel-livepatch-4_12_14-197_7-default-4-2.1
kernel-livepatch-4_12_14-197_10-default-2-2.1
kernel-livepatch-4_12_14-197_15-default-2-2.1
kernel-livepatch-4_12_14-195-default-6-16.1

Description

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way the Linux kernel's vhost functionality, which translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host while migration is underway could use this flaw to increase their privileges on the host.


Affected products
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-7-2.19.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_13-default-4-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_16-default-4-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-3-2.1
