Description
Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP3)
This update for the Linux Kernel 4.4.178-94_91 fixes several issues.
The following security issues were fixed:
- CVE-2019-14835: A buffer overflow flaw was found in the way the vhost functionality, which translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host while migration is underway could use this flaw to increase their privileges on the host (bsc#1151021).
- CVE-2017-18379: Fixed an out of boundary access that happened in drivers/nvme/target/fc.c (bsc#1145604).
Package list
SUSE Linux Enterprise Server 12 SP3-LTSS
kgraft-patch-4_4_156-94_61-default-8-2.1
kgraft-patch-4_4_156-94_57-default-8-2.1
kgraft-patch-4_4_162-94_72-default-6-2.1
kgraft-patch-4_4_162-94_69-default-6-2.1
kgraft-patch-4_4_156-94_64-default-7-2.1
kgraft-patch-4_4_176-94_88-default-4-2.1
kgraft-patch-4_4_175-94_79-default-5-2.1
kgraft-patch-4_4_180-94_103-default-2-2.1
kgraft-patch-4_4_180-94_100-default-2-2.1
kgraft-patch-4_4_180-94_97-default-4-2.1
kgraft-patch-4_4_178-94_91-default-4-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
kgraft-patch-4_4_156-94_61-default-8-2.1
kgraft-patch-4_4_156-94_57-default-8-2.1
kgraft-patch-4_4_162-94_72-default-6-2.1
kgraft-patch-4_4_162-94_69-default-6-2.1
kgraft-patch-4_4_156-94_64-default-7-2.1
kgraft-patch-4_4_176-94_88-default-4-2.1
kgraft-patch-4_4_175-94_79-default-5-2.1
kgraft-patch-4_4_180-94_103-default-2-2.1
kgraft-patch-4_4_180-94_100-default-2-2.1
kgraft-patch-4_4_180-94_97-default-4-2.1
kgraft-patch-4_4_178-94_91-default-4-2.1
References
- Link for SUSE-SU-2019:2600-1
- E-Mail link for SUSE-SU-2019:2600-1
- SUSE Security Ratings
- SUSE Bug 1145604
- SUSE Bug 1151021
- SUSE CVE CVE-2017-18379 page
- SUSE CVE CVE-2019-14835 page
Description
In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c.
Affected products
SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_57-default-8-2.1
SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_61-default-8-2.1
SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_64-default-7-2.1
SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_162-94_69-default-6-2.1
References
- CVE-2017-18379
- SUSE Bug 1143187
- SUSE Bug 1145604
Description
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way the Linux kernel's vhost functionality, which translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host while migration is underway could use this flaw to increase their privileges on the host.
Affected products
SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_57-default-8-2.1
SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_61-default-8-2.1
SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_64-default-7-2.1
SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_162-94_69-default-6-2.1
References
- CVE-2019-14835
- SUSE Bug 1150112
- SUSE Bug 1151021