English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.853414
Category:SuSE Local Security Checks
Title:openSUSE: Security Advisory for the (openSUSE-SU-2020:1379-1)
Summary:The remote host is missing an update for the 'the'; package(s) announced via the openSUSE-SU-2020:1379-1 advisory.
Description:Summary:
The remote host is missing an update for the 'the'
package(s) announced via the openSUSE-SU-2020:1379-1 advisory.

Vulnerability Insight:
The openSUSE Leap 15.1 kernel was updated to receive various security and
bugfixes.


The following security bugs were fixed:

- CVE-2020-14386: Fixed an overflow in tpacket_rcv in af_packet that could
lead to a local privilege escalation ( bsc#1176069).

The following non-security bugs were fixed:

- bonding: check error value of register_netdevice() immediately
(git-fixes).

- bonding: check return value of register_netdevice() in bond_newlink()
(git-fixes).

- hippi: Fix a size used in a 'pci_free_consistent()' in an error handling
path (git-fixes).

- mlx4: disable device on shutdown (git-fixes).

- mlxsw: core: Free EMAD transactions using kfree_rcu() (git-fixes).

- mlxsw: core: Increase scope of RCU read-side critical section
(git-fixes).

- mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo
(bsc#1175691).

- net/mlx5: Fix a bug of using ptp channel index as pin index (git-fixes).

- net/mlx5e: Fix error path of device attach (git-fixes).

- net: dp83640: fix SIOCSHWTSTAMP to update the struct with actual
configuration (git-fixes).

- net: smc91x: Fix possible memory leak in smc_drv_probe() (git-fixes).

- sched/deadline: Initialize ->dl_boosted (bsc#1112178).

- scsi: lpfc: Add and rename a whole bunch of function parameter
descriptions (bsc#1171558 bsc#1136666).

- scsi: lpfc: Add description for lpfc_release_rpi()'s 'ndlpl param
(bsc#1171558 bsc#1136666).

- scsi: lpfc: Add missing misc_deregister() for lpfc_init() (bsc#1171558
bsc#1136666).

- scsi: lpfc: Ensure variable has the same stipulations as code using it
(bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix FCoE speed reporting (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix LUN loss after cable pull (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix RSCN timeout due to incorrect gidft counter (bsc#1171558
bsc#1136666).

- scsi: lpfc: Fix a bunch of kerneldoc misdemeanors (bsc#1171558
bsc#1136666).

- scsi: lpfc: Fix kerneldoc parameter formatting/misnaming/missing issues
(bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix no message shown for lpfc_hdw_queue out of range value
(bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix oops when unloading driver while running mds diags
(bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix retry of PRLI when status indicates its unsupported
(bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix some function parameter descriptions (bsc#1171558
bsc#1136666).

- scsi: lpfc: Fix typo in comment for ULP (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix validation of bsg reply lengths (bsc#1171558
bsc#1136666).

- scsi: lpfc: Fix-up around 120 ...

Description truncated. Please see the references for more information.

Affected Software/OS:
'the' package(s) on openSUSE Leap 15.1.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-14386
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14386
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNCPXERMUHPSGF6S2VVFL5NVVPBBFB63/
http://packetstormsecurity.com/files/159565/Kernel-Live-Patch-Security-Notice-LSN-0072-1.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=acf69c946233259ab4d64f8869d4037a198c7f06
https://seclists.org/oss-sec/2020/q3/146
https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html
https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html
https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html
http://www.openwall.com/lists/oss-security/2021/09/17/2
http://www.openwall.com/lists/oss-security/2021/09/17/4
http://www.openwall.com/lists/oss-security/2021/09/21/1
SuSE Security Announcement: openSUSE-SU-2020:1655 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.