|Category:||Debian Local Security Checks|
|Title:||Debian LTS: Security Advisory for linux-4.9 (DLA-2242-1)|
|Summary:||The remote host is missing an update for the 'linux-4.9'; package(s) announced via the DLA-2242-1 advisory.|
The remote host is missing an update for the 'linux-4.9'
package(s) announced via the DLA-2242-1 advisory.
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
Hanjun Guo and Lei Li reported a race condition in the arm64
virtual memory management code, which could lead to an information
disclosure, denial of service (crash), or possibly privilege
Mitchell Frank of Cisco discovered that when the IEEE 802.11
(WiFi) stack was used in AP mode with roaming, it would trigger
roaming for a newly associated station before the station was
authenticated. An attacker within range of the AP could use this
to cause a denial of service, either by filling up a switching
table or by redirecting traffic away from other stations.
Jungyeon discovered that a crafted filesystem can cause the ext4
implementation to deallocate or reallocate journal blocks. A user
permitted to mount filesystems could use this to cause a denial of
service (crash), or possibly for privilege escalation.
The syzbot tool found a missing error check in the 'relay'
library used to implement various files under debugfs. A local
user permitted to access debugfs could use this to cause a denial
of service (crash) or possibly for privilege escalation.
Tristan Madani reported a race condition in the blktrace debug
facility that could result in a use-after-free. A local user able
to trigger removal of block devices could possibly use this to
cause a denial of service (crash) or for privilege escalation.
A potential null pointer dereference was discovered in the tw5864
media driver. The security impact of this is unclear.
The Hulk Robot tool found a reference-counting bug in an error
path in the network subsystem. The security impact of this is
Researchers at VU Amsterdam discovered that on some Intel CPUs
supporting the RDRAND and RDSEED instructions, part of a random
value generated by these instructions may be used in a later
speculative execution on any core of the same physical CPU.
Depending on how these instructions are used by applications, a
local user or VM guest could use this to obtain sensitive
information such as cryptographic keys from other users or VMs.
This vulnerability can be mitigated by a microcode update, either
as part of system firmware (BIOS) or through the intel-microcode
package in Debian's non-free archive section. This kernel update
only provides reporting of the vulnerability and the option to
disable the mitigation if it is not needed.
Paulo Bonzini discovered that the KVM implemen ...
Description truncated. Please see the references for more information.
'linux-4.9' package(s) on Debian Linux.
For Debian 8 'Jessie', these problems have been fixed in version
deb8u1. This version also fixes some related bugs
that do not have their own CVE IDs, and a regression in the macvlan
driver introduced in the previous security update (bug #952660).
We recommend that you upgrade your linux-4.9 packages.
Common Vulnerability Exposure (CVE) ID: CVE-2019-2182|
Debian Security Information: DSA-4698 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2019-5108
Common Vulnerability Exposure (CVE) ID: CVE-2020-0543
SuSE Security Announcement: openSUSE-SU-2020:0818 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:0965 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:0985 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2020-2732
Debian Security Information: DSA-4667 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2020-8428
SuSE Security Announcement: openSUSE-SU-2020:0336 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2020-8647
SuSE Security Announcement: openSUSE-SU-2020:0388 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2020-8648
Common Vulnerability Exposure (CVE) ID: CVE-2020-8649
Common Vulnerability Exposure (CVE) ID: CVE-2020-9383
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.