openSUSE: 2019:0203-1 Important: Linux Kernel DoS and Info Leak Fixes
opensuse
February 18, 2019
An update that solves 6 vulnerabilities and has 61 fixes is now available.
Description
The openSUSE Leap 15.0 kernel was updated to receive various security and
bugfixes.
The following security bugs were fixed:
- CVE-2019-3459,CVE-2019-3460: Two information leaks in the bluetooth
stack were fixed. (bnc#1120758).
- CVE-2019-7221: A use-after-free in the KVM nVMX hrtimer was fixed.
(bnc#1124732).
- CVE-2019-7222: A information leak in exception handling in KVM could be
used to expose host memory to guests. (bnc#1124735).
- CVE-2019-6974: A use-after-free in the KVM device control API was
fixed. (bnc#1124728).
- CVE-2018-20669: Missing access control checks in ioctl of gpu/drm/i915
driver were fixed which might have lead to information leaks.
(bnc#1122971).
The following non-security bugs were fixed:
- 6lowpan: iphc: reset mac_header after decompress to fix panic
(bsc#1051510).
- 9p: clear dangling pointers in p9stat_free (bsc#1051510).
- 9p locks: fix glock.client_id leak in do_lock...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.0:
zypper in -t patch openSUSE-2019-203=1
Package List
- openSUSE Leap 15.0 (noarch):
kernel-devel-4.12.14-lp150.12.48.1
kernel-docs-4.12.14-lp150.12.48.1
kernel-docs-html-4.12.14-lp150.12.48.1
kernel-macros-4.12.14-lp150.12.48.1
kernel-source-4.12.14-lp150.12.48.1
kernel-source-vanilla-4.12.14-lp150.12.48.1
- openSUSE Leap 15.0 (x86_64):
kernel-debug-4.12.14-lp150.12.48.1
kernel-debug-base-4.12.14-lp150.12.48.1
kernel-debug-base-debuginfo-4.12.14-lp150.12.48.1
kernel-debug-debuginfo-4.12.14-lp150.12.48.1
kernel-debug-debugsource-4.12.14-lp150.12.48.1
kernel-debug-devel-4.12.14-lp150.12.48.1
kernel-debug-devel-debuginfo-4.12.14-lp150.12.48.1
kernel-default-4.12.14-lp150.12.48.1
kernel-default-base-4.12.14-lp150.12.48.1
kernel-default-base-debuginfo-4.12.14-lp150.12.48.1
kernel-default-debuginfo-4.12.14-lp150.12.48.1
kernel-default-debugsource-4.12.14-lp150.12.48.1
kernel-default-devel-4.12.14-lp150.12.48.1
kernel-default-devel-debuginfo-4.12.14-lp150.12.48.1
kernel-kvmsmall-4.12.14-lp150.12.48.1
kernel-kvmsmall-base-4.12.14-lp150.12.48.1
kernel-kvmsmall-base-debu...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2018-20669.html
https://www.suse.com/security/cve/CVE-2019-3459.html
https://www.suse.com/security/cve/CVE-2019-3460.html
https://www.suse.com/security/cve/CVE-2019-6974.html
https://www.suse.com/security/cve/CVE-2019-7221.html
https://www.suse.com/security/cve/CVE-2019-7222.html
https://bugzilla.suse.com/1046306
https://bugzilla.suse.com/1050252
https://bugzilla.suse.com/1051510
https://bugzilla.suse.com/1054610
https://bugzilla.suse.com/1055121
https://bugzilla.suse.com/1056658
https://bugzilla.suse.com/1056662
https://bugzilla.suse.com/1084216
https://bugzilla.suse.com/1086301
https://bugzilla.suse.com/1086313
https://bugzilla.suse.com/1086314
https://bugzilla.suse.com/1086323
https://bugzilla.suse.com/1087082
https://bugzilla.suse.com/1087092
https://bugzilla.suse.com/1098382
https://bugzilla.suse.com/1098425
https://bugzilla.suse.com/1104353
https://bugzilla.suse.com/1106105
https://bugzilla.suse.com/1106434
https://bugzilla.suse.com/1106811
https://bugzilla.suse.com/1...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2019:0203-1
Rating: important
Affected Products:
openSUSE Leap 15.0
le.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!