| Description: | Summary:
The remote host is missing an update for the 'Linux Kernel'
package(s) announced via the openSUSE-SU-2019:1479-1 advisory.
Vulnerability Insight:
The openSUSE Leap 15.1 kernel was updated to receive various security and
bugfixes.
The following security bugs were fixed:
- CVE-2018-7191: In the tun subsystem dev_get_valid_name xwas not called
before register_netdevice. This allowed local users to cause a denial of
service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF)
call with a dev name containing a / character. This is similar to
CVE-2013-4343 (bnc#1135603).
- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in
Intel(R) i915 Graphics for Linux may have allowed an authenticated user
to potentially enable escalation of privilege via local access
(bnc#1135278).
- CVE-2019-11486: The Siemens R3964 line discipline driver in
drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions
(bnc#1133188). It was disabled by default.
- CVE-2019-11811: There is a use-after-free upon attempted read access to
/proc/ioports after the ipmi_si module is removed, related to
drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c,
and drivers/char/ipmi/ipmi_si_port_io.c (bnc#1134397).
- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in
net/rds/tcp.c kernel. There is a race condition leading to a
use-after-free, related to net namespace cleanup (bnc#1134537).
- CVE-2019-11833: fs/ext4/extents.c did not zero out the unused memory
region in the extent tree block, which might allow local users to obtain
sensitive information by reading uninitialized data in the filesystem
(bnc#1135281).
- CVE-2019-11884: The do_hidp_sock_ioctl function in
net/bluetooth/hidp/sock.c allowed a local user to obtain potentially
sensitive information from kernel stack memory via a HIDPCONNADD
command, because a name field may not end with a '\0' character
(bnc#1134848).
- CVE-2019-3882: A flaw was found in the vfio interface implementation
that permits violation of the user's locked memory limit. If a device is
bound to a vfio driver, such as vfio-pci, and the local attacker is
administratively granted ownership of the device, it may cause a system
memory exhaustion and thus a denial of service (DoS). (bnc#1131416
bnc#1131427).
- CVE-2019-5489: The mincore() implementation in mm/mincore.c allowed
local attackers to observe page cache access patterns of other processes
on the same system, potentially allowing sniffing of secret information.
(Fixing this affects the output of the fincore program.) Limited remote
exploitation may be possible, as demonstrated by latency differences in
accessing public files from an Apache HTTP Server.
Description truncated. Please see the references for more information.
Affected Software/OS:
'the' package(s) on openSUSE Leap 15.1.
Solution:
Please install the updated package(s).
CVSS Score:
9.3
CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
