openSUSE Leap 15.0: 2019:2173-1 Critical: Kernel Security Update
opensuse
September 24, 2019
An update that solves 38 vulnerabilities and has 159 fixes is now available.
Description
The openSUSE Leap 15.0 kernel was updated to receive various security and
bugfixes.
The following security bugs were fixed:
- CVE-2017-18551: There was an out of bounds write in the function
i2c_smbus_xfer_emulated (bnc#1146163).
- CVE-2018-20976: A use after free exists, related to xfs_fs_fill_super
failure (bnc#1146285).
- CVE-2018-21008: A use-after-free can be caused by the function
rsi_mac80211_detach in the file
drivers/net/wireless/rsi/rsi_91x_mac80211.c (bnc#1149591).
- CVE-2019-14814: A heap overflow in mwifiex_set_uap_rates() function of
Marvell was fixed. (bnc#1146512).
- CVE-2019-14815: A heap overflow in mwifiex_set_wmm_params() function of
Marvell Wifi Driver was fixed. (bnc#1146514).
- CVE-2019-14816: A heap overflow in mwifiex_update_vs_ie() function of
Marvell Wifi Driver was fixed. (bnc#1146516).
- CVE-2019-14835: A vhost/vhost_net kernel buffer overflow could lead to
guest to host kernel...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.0:
zypper in -t patch openSUSE-2019-2173=1
Package List
- openSUSE Leap 15.0 (x86_64):
kernel-debug-4.12.14-lp150.12.73.1
kernel-debug-base-4.12.14-lp150.12.73.1
kernel-debug-base-debuginfo-4.12.14-lp150.12.73.1
kernel-debug-debuginfo-4.12.14-lp150.12.73.1
kernel-debug-debugsource-4.12.14-lp150.12.73.1
kernel-debug-devel-4.12.14-lp150.12.73.1
kernel-debug-devel-debuginfo-4.12.14-lp150.12.73.1
kernel-default-4.12.14-lp150.12.73.1
kernel-default-base-4.12.14-lp150.12.73.1
kernel-default-base-debuginfo-4.12.14-lp150.12.73.1
kernel-default-debuginfo-4.12.14-lp150.12.73.1
kernel-default-debugsource-4.12.14-lp150.12.73.1
kernel-default-devel-4.12.14-lp150.12.73.1
kernel-default-devel-debuginfo-4.12.14-lp150.12.73.1
kernel-kvmsmall-4.12.14-lp150.12.73.1
kernel-kvmsmall-base-4.12.14-lp150.12.73.1
kernel-kvmsmall-base-debuginfo-4.12.14-lp150.12.73.1
kernel-kvmsmall-debuginfo-4.12.14-lp150.12.73.1
kernel-kvmsmall-debugsource-4.12.14-lp150.12.73.1
kernel-kvmsmall-devel-4.12.14-lp150.12.73.1
kernel-kvmsmall-devel-debuginfo-4.12.14-lp150.12.73.1
kernel-obs-build-4.12.14-lp15...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2017-18551.html
https://www.suse.com/security/cve/CVE-2018-20976.html
https://www.suse.com/security/cve/CVE-2018-21008.html
https://www.suse.com/security/cve/CVE-2019-14814.html
https://www.suse.com/security/cve/CVE-2019-14815.html
https://www.suse.com/security/cve/CVE-2019-14816.html
https://www.suse.com/security/cve/CVE-2019-14835.html
https://www.suse.com/security/cve/CVE-2019-15030.html
https://www.suse.com/security/cve/CVE-2019-15031.html
https://www.suse.com/security/cve/CVE-2019-15090.html
https://www.suse.com/security/cve/CVE-2019-15098.html
https://www.suse.com/security/cve/CVE-2019-15117.html
https://www.suse.com/security/cve/CVE-2019-15118.html
https://www.suse.com/security/cve/CVE-2019-15211.html
https://www.suse.com/security/cve/CVE-2019-15212.html
https://www.suse.com/security/cve/CVE-2019-15214.html
https://www.suse.com/security/cve/CVE-2019-15215.html
https://www.suse.com/security/cve/CVE-2019-15216.html
https://www.suse.com/security/cve/CVE-2019-152...
Read the Full Advisory
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2019:2173-1
Rating: important
Affected Products:
openSUSE Leap 15.0
le.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!