Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 433
Alerts This Week
Warning Icon 1 433

SUSE: 2019:2948-1 Important: Linux Kernel Security Issues Resolved

suse
Calendar Grey November 12, 2019
Dist Suse Esm H88
SUSE Security Update: Security update for the Linux Kernel _________________________________________
An update that solves 6 vulnerabilities and has 30 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. The Linux Kernel KVM hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed. More information can be found on https://support.scc.suse.com/s/kb?language=en_US CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the

References

#1051510 #1082635 #1083647 #1090631 #1096254

#1117665 #1119461 #1119465 #1123034 #1135966

#1135967 #1137040 #1138190 #1139073 #1140090

#1143706 #1144338 #1144903 #1146612 #1149119

#1150457 #1151225 #1152624 #1153476 #1153509

#1153969 #1154737 #1154848 #1154858 #1154905

#1154959 #1155178 #1155179 #1155184 #1155186

#1155671

Cross- CVE-2018-12207 CVE-2019-0154 CVE-2019-0155

CVE-2019-10220 CVE-2019-11135 CVE-2019-16233

Affected Products:

SUSE Linux Enterprise Live Patching 12-SP4

https://www.suse.com/security/cve/CVE-2018-12207.html

https://www.suse.com/security/cve/CVE-2019-0154.html

https://www.suse.com/security/cve/CVE-2019-0155.html

https://www.suse.com/security/cve/CVE-2019-10220.html

https://www.suse.com/security/cve/CVE-2019-11135.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2019:2948-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.