SUSE: 2019:14127-1 Important: Linux Kernel Denial Of Service Fix

July 18, 2019
A critical patch from SUSE for the Linux Kernel tackles several vulnerabilities, bolstering both system reliability and security.
An update that solves 7 vulnerabilities and has four fixes is now available.

Summary

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2019-3459: A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel (bnc#1120758).
- CVE-2019-3460: A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before (bnc#1120758).
- CVE-2019-3896: A double-free could happen in idr_remove_all() in lib/idr.c in the Linux kernel. An unprivileged local attacker could use this flaw for a privilege escalation or for a system crash and a denial of service (DoS) (bnc#1138943).
- CVE-2018-5390: The Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every

References

#1063416 #1090078 #1102340 #1120758 #1134395 #1134835 #1135650 #1136424 #1137194 #1138943 #1139751

Cross-References: CVE-2018-20836 CVE-2018-5390 CVE-2019-12614 CVE-2019-3459 CVE-2019-3460 CVE-2019-3846 CVE-2019-3896

Affected Products:

SUSE Linux Enterprise Server 11-SP4-LTSS

SUSE Linux Enterprise Server 11-EXTRA

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2018-20836.html

https://www.suse.com/security/cve/CVE-2018-5390.html

https://www.suse.com/security/cve/CVE-2019-12614.html

https://www.suse.com/security/cve/CVE-2019-3459.html

https://www.suse.com/security/cve/CVE-2019-3460.html

https://www.suse.com/security/cve/CVE-2019-3846.html

https://www.suse.com/security/cve/CVE-2019-3896.html

Severity: important

Announcement ID: SUSE-SU-2019:14127-1
Rating: important
