Vulnerability   
Search   
    Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2019.0196.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2019:0196-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2019:0196-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2019:0196-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).
- CVE-2018-12232: In net/socket.c in the there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash (bnc#1097593).
- CVE-2018-14625: A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (bnc#1106615).
- CVE-2018-16862: A security flaw was found in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).
- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).
- CVE-2018-18397: The userfaultfd implementation mishandled access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
- CVE-2018-19854: An issue was discovered in the crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker did not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option) (bnc#1118428).
- CVE-2018-19985: The ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Desktop 12-SP4, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server for SAP Applications 12-SP4.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-2547
http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
http://www.openwall.com/lists/oss-security/2013/03/05/13
SuSE Security Announcement: openSUSE-SU-2013:1971 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
http://www.ubuntu.com/usn/USN-1793-1
http://www.ubuntu.com/usn/USN-1794-1
http://www.ubuntu.com/usn/USN-1795-1
http://www.ubuntu.com/usn/USN-1796-1
http://www.ubuntu.com/usn/USN-1797-1
Common Vulnerability Exposure (CVE) ID: CVE-2018-12232
BugTraq ID: 104453
http://www.securityfocus.com/bid/104453
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6d8c50dcb029872b298eea68cc6209c866fd3e14
https://github.com/torvalds/linux/commit/6d8c50dcb029872b298eea68cc6209c866fd3e14
https://lkml.org/lkml/2018/6/5/14
https://patchwork.ozlabs.org/patch/926519/
RedHat Security Advisories: RHSA-2018:2948
https://access.redhat.com/errata/RHSA-2018:2948
https://usn.ubuntu.com/3752-1/
https://usn.ubuntu.com/3752-2/
https://usn.ubuntu.com/3752-3/
Common Vulnerability Exposure (CVE) ID: CVE-2018-14625
RHSA-2019:2029
https://access.redhat.com/errata/RHSA-2019:2029
RHSA-2019:2043
https://access.redhat.com/errata/RHSA-2019:2043
RHSA-2019:4154
https://access.redhat.com/errata/RHSA-2019:4154
USN-3871-1
https://usn.ubuntu.com/3871-1/
USN-3871-3
https://usn.ubuntu.com/3871-3/
USN-3871-4
https://usn.ubuntu.com/3871-4/
USN-3871-5
https://usn.ubuntu.com/3871-5/
USN-3872-1
https://usn.ubuntu.com/3872-1/
USN-3878-1
https://usn.ubuntu.com/3878-1/
USN-3878-2
https://usn.ubuntu.com/3878-2/
[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update
https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14625
https://syzkaller.appspot.com/bug?extid=bd391451452fb0b93039
Common Vulnerability Exposure (CVE) ID: CVE-2018-16862
106009
http://www.securityfocus.com/bid/106009
USN-3879-1
https://usn.ubuntu.com/3879-1/
USN-3879-2
https://usn.ubuntu.com/3879-2/
USN-4094-1
https://usn.ubuntu.com/4094-1/
USN-4118-1
https://usn.ubuntu.com/4118-1/
[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html
[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
[oss-security] 20181123 CVE-2018-16862: Linux kernel: cleancache: deleted files infoleak
https://seclists.org/oss-sec/2018/q4/169
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862
https://lore.kernel.org/patchwork/patch/1011367/
Common Vulnerability Exposure (CVE) ID: CVE-2018-16884
106253
http://www.securityfocus.com/bid/106253
RHSA-2019:1873
https://access.redhat.com/errata/RHSA-2019:1873
RHSA-2019:1891
https://access.redhat.com/errata/RHSA-2019:1891
RHSA-2019:2696
https://access.redhat.com/errata/RHSA-2019:2696
RHSA-2019:2730
https://access.redhat.com/errata/RHSA-2019:2730
RHSA-2019:3309
https://access.redhat.com/errata/RHSA-2019:3309
RHSA-2019:3517
https://access.redhat.com/errata/RHSA-2019:3517
RHSA-2020:0204
https://access.redhat.com/errata/RHSA-2020:0204
USN-3932-1
https://usn.ubuntu.com/3932-1/
USN-3932-2
https://usn.ubuntu.com/3932-2/
USN-3980-1
https://usn.ubuntu.com/3980-1/
USN-3980-2
https://usn.ubuntu.com/3980-2/
USN-3981-1
https://usn.ubuntu.com/3981-1/
USN-3981-2
https://usn.ubuntu.com/3981-2/
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16884
https://patchwork.kernel.org/cover/10733767/
https://patchwork.kernel.org/patch/10733769/
https://support.f5.com/csp/article/K21430012
https://www.oracle.com/security-alerts/cpuApr2021.html
Common Vulnerability Exposure (CVE) ID: CVE-2018-18397
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=29ec90660d68bbdd69507c1c8b4e33aa299278b1
https://bugs.chromium.org/p/project-zero/issues/detail?id=1700
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.87
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.7
https://github.com/torvalds/linux/commit/29ec90660d68bbdd69507c1c8b4e33aa299278b1
RedHat Security Advisories: RHBA-2019:0327
https://access.redhat.com/errata/RHBA-2019:0327
RedHat Security Advisories: RHSA-2019:0163
https://access.redhat.com/errata/RHSA-2019:0163
RedHat Security Advisories: RHSA-2019:0202
https://access.redhat.com/errata/RHSA-2019:0202
RedHat Security Advisories: RHSA-2019:0324
https://access.redhat.com/errata/RHSA-2019:0324
RedHat Security Advisories: RHSA-2019:0831
https://access.redhat.com/errata/RHSA-2019:0831
https://usn.ubuntu.com/3901-1/
https://usn.ubuntu.com/3901-2/
https://usn.ubuntu.com/3903-1/
https://usn.ubuntu.com/3903-2/
Common Vulnerability Exposure (CVE) ID: CVE-2018-19407
BugTraq ID: 105987
http://www.securityfocus.com/bid/105987
https://lkml.org/lkml/2018/11/20/580
Common Vulnerability Exposure (CVE) ID: CVE-2018-19854
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f43f39958beb206b53292801e216d9b8a660f087
https://github.com/torvalds/linux/commit/f43f39958beb206b53292801e216d9b8a660f087
https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.3
RedHat Security Advisories: RHSA-2019:3309
RedHat Security Advisories: RHSA-2019:3517
Common Vulnerability Exposure (CVE) ID: CVE-2018-19985
http://lists.opensuse.org/opensuse-security-announce/2019-01/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00007.html
http://packetstormsecurity.com/files/151420/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
https://hexhive.epfl.ch/projects/perifuzz/
https://seclists.org/bugtraq/2019/Jan/52
https://usn.ubuntu.com/4115-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-20169
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=704620afc70cf47abb9d6a1a57f3825d2bca49cf
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.9
https://github.com/torvalds/linux/commit/704620afc70cf47abb9d6a1a57f3825d2bca49cf
Common Vulnerability Exposure (CVE) ID: CVE-2018-9568
RedHat Security Advisories: RHSA-2019:0512
https://access.redhat.com/errata/RHSA-2019:0512
RedHat Security Advisories: RHSA-2019:0514
https://access.redhat.com/errata/RHSA-2019:0514
RedHat Security Advisories: RHSA-2019:2696
RedHat Security Advisories: RHSA-2019:2730
RedHat Security Advisories: RHSA-2019:2736
https://access.redhat.com/errata/RHSA-2019:2736
RedHat Security Advisories: RHSA-2019:3967
https://access.redhat.com/errata/RHSA-2019:3967
RedHat Security Advisories: RHSA-2019:4056
https://access.redhat.com/errata/RHSA-2019:4056
RedHat Security Advisories: RHSA-2019:4159
https://access.redhat.com/errata/RHSA-2019:4159
RedHat Security Advisories: RHSA-2019:4164
https://access.redhat.com/errata/RHSA-2019:4164
RedHat Security Advisories: RHSA-2019:4255
https://access.redhat.com/errata/RHSA-2019:4255
https://usn.ubuntu.com/3880-1/
https://usn.ubuntu.com/3880-2/
CopyrightCopyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2025 E-Soft Inc. All rights reserved.