Описание
Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP1)
This update for the Linux Kernel 3.12.74-60_64_110 fixes several issues.
The following security issues were fixed:
- CVE-2019-10220: Fixed a relative path escape in the Samba client module (bsc#1144903, bsc#1153108).
- CVE-2019-17133: Fixed a buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c caused by long SSID IEs (bsc#1153158).
Список пакетов
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Ссылки
- Link for SUSE-SU-2019:2821-1
- E-Mail link for SUSE-SU-2019:2821-1
- SUSE Security Ratings
- SUSE Bug 1102682
- SUSE Bug 1103203
- SUSE Bug 1133191
- SUSE Bug 1136446
- SUSE Bug 1137597
- SUSE Bug 1140747
- SUSE Bug 1144903
- SUSE Bug 1151021
- SUSE Bug 1153108
- SUSE Bug 1153158
- SUSE Bug 1153161
- SUSE Bug 904970
- SUSE Bug 907150
- SUSE Bug 920615
- SUSE Bug 920633
- SUSE Bug 930408
- SUSE CVE CVE-2018-5390 page
Описание
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
Затронутые продукты
Ссылки
- CVE-2018-5390
- SUSE Bug 1087082
- SUSE Bug 1102340
- SUSE Bug 1102682
- SUSE Bug 1103097
- SUSE Bug 1103098
- SUSE Bug 1156434
Описание
Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
Затронутые продукты
Ссылки
- CVE-2019-10220
- SUSE Bug 1144903
- SUSE Bug 1153108
Описание
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.
Затронутые продукты
Ссылки
- CVE-2019-11477
- SUSE Bug 1132686
- SUSE Bug 1137586
- SUSE Bug 1142129
- SUSE Bug 1153242
Описание
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.
Затронутые продукты
Ссылки
- CVE-2019-11478
- SUSE Bug 1132686
- SUSE Bug 1137586
- SUSE Bug 1142129
- SUSE Bug 1143542
Описание
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.
Затронутые продукты
Ссылки
- CVE-2019-11487
- SUSE Bug 1133190
- SUSE Bug 1133191
Описание
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
Затронутые продукты
Ссылки
- CVE-2019-14835
- SUSE Bug 1150112
- SUSE Bug 1151021
Описание
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
Затронутые продукты
Ссылки
- CVE-2019-17133
- SUSE Bug 1153158
- SUSE Bug 1153161
Описание
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
Затронутые продукты
Ссылки
- CVE-2019-3846
- SUSE Bug 1136424
- SUSE Bug 1136446
- SUSE Bug 1156330