Описание
Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP1)
This update for the Linux Kernel 3.12.74-60_64_121 fixes several issues.
The following security issues were fixed:
- CVE-2019-15917: Fixed a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c (bsc#1156334).
- CVE-2019-10220: Fixed Samba servers that can inject relative paths in directory entry lists (bsc#1153108).
Список пакетов
SUSE Linux Enterprise Server 12 SP1-LTSS
kgraft-patch-3_12_74-60_64_110-default-7-2.3
kgraft-patch-3_12_74-60_64_110-xen-7-2.3
kgraft-patch-3_12_74-60_64_115-default-6-2.3
kgraft-patch-3_12_74-60_64_115-xen-6-2.3
kgraft-patch-3_12_74-60_64_118-default-4-2.3
kgraft-patch-3_12_74-60_64_118-xen-4-2.3
kgraft-patch-3_12_74-60_64_121-default-4-2.3
kgraft-patch-3_12_74-60_64_121-xen-4-2.3
SUSE Linux Enterprise Server for SAP Applications 12 SP1
kgraft-patch-3_12_74-60_64_110-default-7-2.3
kgraft-patch-3_12_74-60_64_110-xen-7-2.3
kgraft-patch-3_12_74-60_64_115-default-6-2.3
kgraft-patch-3_12_74-60_64_115-xen-6-2.3
kgraft-patch-3_12_74-60_64_118-default-4-2.3
kgraft-patch-3_12_74-60_64_118-xen-4-2.3
kgraft-patch-3_12_74-60_64_121-default-4-2.3
kgraft-patch-3_12_74-60_64_121-xen-4-2.3
Ссылки
- Link for SUSE-SU-2019:3233-1
- E-Mail link for SUSE-SU-2019:3233-1
- SUSE Security Ratings
- SUSE Bug 1153108
- SUSE Bug 1156334
- SUSE CVE CVE-2019-10220 page
- SUSE CVE CVE-2019-15917 page
Описание
Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-7-2.3
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-7-2.3
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-default-6-2.3
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-xen-6-2.3
Ссылки
- CVE-2019-10220
- SUSE Bug 1144903
- SUSE Bug 1153108
Описание
An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-7-2.3
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-7-2.3
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-default-6-2.3
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-xen-6-2.3
Ссылки
- CVE-2019-15917
- SUSE Bug 1149539
- SUSE Bug 1156334