Описание
Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP3)
This update for the Linux Kernel 4.4.180-94_103 fixes several issues.
The following security issues were fixed:
- CVE-2019-10220: Fixed a relative path escape in the Samba client module (bsc#1144903, bsc#1153108).
- CVE-2019-17133: Fixed a buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c caused by long SSID IEs (bsc#1153158).
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP4
kgraft-patch-4_12_14-94_41-default-8-2.22.1
kgraft-patch-4_12_14-95_3-default-7-2.1
kgraft-patch-4_12_14-95_6-default-6-2.1
kgraft-patch-4_12_14-95_13-default-5-2.1
kgraft-patch-4_12_14-95_16-default-5-2.1
kgraft-patch-4_12_14-95_19-default-4-2.1
kgraft-patch-4_12_14-95_24-default-3-2.1
kgraft-patch-4_12_14-95_29-default-3-2.1
SUSE Linux Enterprise Live Patching 15
kernel-livepatch-4_12_14-25_25-default-7-2.1
kernel-livepatch-4_12_14-25_28-default-6-2.1
kernel-livepatch-4_12_14-150_14-default-5-2.1
kernel-livepatch-4_12_14-150_17-default-5-2.1
kernel-livepatch-4_12_14-150_22-default-4-2.1
kernel-livepatch-4_12_14-150_27-default-3-2.1
kernel-livepatch-4_12_14-150_32-default-3-2.1
kernel-livepatch-4_12_14-150_38-default-2-2.1
SUSE Linux Enterprise Live Patching 15 SP1
kernel-livepatch-4_12_14-197_10-default-3-2.1
kernel-livepatch-4_12_14-197_21-default-2-2.1
kernel-livepatch-4_12_14-195-default-7-19.1
kernel-livepatch-4_12_14-197_4-default-6-2.1
kernel-livepatch-4_12_14-197_7-default-5-2.1
SUSE Linux Enterprise Server 12 SP1-LTSS
kgraft-patch-3_12_74-60_64_115-default-5-2.1
kgraft-patch-3_12_74-60_64_115-xen-5-2.1
kgraft-patch-3_12_74-60_64_118-default-3-2.1
kgraft-patch-3_12_74-60_64_118-xen-3-2.1
kgraft-patch-3_12_74-60_64_121-default-3-2.1
kgraft-patch-3_12_74-60_64_121-xen-3-2.1
SUSE Linux Enterprise Server 12 SP2-LTSS
kgraft-patch-4_4_121-92_98-default-8-2.1
kgraft-patch-4_4_121-92_101-default-6-2.1
kgraft-patch-4_4_121-92_104-default-6-2.1
kgraft-patch-4_4_121-92_109-default-6-2.1
kgraft-patch-4_4_121-92_114-default-5-2.1
kgraft-patch-4_4_121-92_117-default-4-2.1
kgraft-patch-4_4_121-92_120-default-3-2.1
SUSE Linux Enterprise Server 12 SP3-LTSS
kgraft-patch-4_4_156-94_64-default-8-2.1
kgraft-patch-4_4_162-94_69-default-7-2.1
kgraft-patch-4_4_162-94_72-default-7-2.1
kgraft-patch-4_4_175-94_79-default-6-2.1
kgraft-patch-4_4_176-94_88-default-5-2.1
kgraft-patch-4_4_178-94_91-default-5-2.1
kgraft-patch-4_4_180-94_97-default-5-2.1
kgraft-patch-4_4_180-94_100-default-3-2.1
kgraft-patch-4_4_180-94_103-default-3-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
kgraft-patch-3_12_74-60_64_115-default-5-2.1
kgraft-patch-3_12_74-60_64_115-xen-5-2.1
kgraft-patch-3_12_74-60_64_118-default-3-2.1
kgraft-patch-3_12_74-60_64_118-xen-3-2.1
kgraft-patch-3_12_74-60_64_121-default-3-2.1
kgraft-patch-3_12_74-60_64_121-xen-3-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
kgraft-patch-4_4_121-92_98-default-8-2.1
kgraft-patch-4_4_121-92_101-default-6-2.1
kgraft-patch-4_4_121-92_104-default-6-2.1
kgraft-patch-4_4_121-92_109-default-6-2.1
kgraft-patch-4_4_121-92_114-default-5-2.1
kgraft-patch-4_4_121-92_117-default-4-2.1
kgraft-patch-4_4_121-92_120-default-3-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
kgraft-patch-4_4_156-94_64-default-8-2.1
kgraft-patch-4_4_162-94_69-default-7-2.1
kgraft-patch-4_4_162-94_72-default-7-2.1
kgraft-patch-4_4_175-94_79-default-6-2.1
kgraft-patch-4_4_176-94_88-default-5-2.1
kgraft-patch-4_4_178-94_91-default-5-2.1
kgraft-patch-4_4_180-94_97-default-5-2.1
kgraft-patch-4_4_180-94_100-default-3-2.1
kgraft-patch-4_4_180-94_103-default-3-2.1
Ссылки
- Link for SUSE-SU-2019:2829-1
- E-Mail link for SUSE-SU-2019:2829-1
- SUSE Security Ratings
- SUSE Bug 1144903
- SUSE Bug 1153108
- SUSE Bug 1153158
- SUSE Bug 1153161
- SUSE CVE CVE-2019-10220 page
- SUSE CVE CVE-2019-17133 page
Описание
Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-8-2.22.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_13-default-5-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_16-default-5-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-4-2.1
Ссылки
- CVE-2019-10220
- SUSE Bug 1144903
- SUSE Bug 1153108
Описание
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-8-2.22.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_13-default-5-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_16-default-5-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-4-2.1
Ссылки
- CVE-2019-17133
- SUSE Bug 1153158
- SUSE Bug 1153161