
SUSE Linux Kernel Security Update 2019:13937-1 Critical Denial Of Service

January 29, 2019
SUSE Security Update: Security update for the Linux Kernel
An update that solves 12 vulnerabilities and has 18 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP3 kernel was updated to 3.0.101 to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2018-9516: In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1108498).
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
- CVE-2018-19985: The function hso_probe read if_num from the USB device

References

#1031240 #1039803 #1066674 #1071021 #1094186
#1094825 #1104070 #1104366 #1104367 #1107189
#1108498 #1109200 #1113201 #1113751 #1113769
#1114920 #1115007 #1115038 #1116412 #1116841
#1117515 #1118152 #1118319 #1119255 #1119714
#1120743 #905299 #936875 #968018 #990682

Cross-References:

CVE-2017-1000407 CVE-2017-16533 CVE-2017-7273
CVE-2018-18281 CVE-2018-18386 CVE-2018-18710
CVE-2018-19407 CVE-2018-19824 CVE-2018-19985
CVE-2018-20169 CVE-2018-9516 CVE-2018-9568

Affected Products:

SUSE Linux Enterprise Server 11-SP3-LTSS

SUSE Linux Enterprise Server 11-EXTRA

SUSE Linux Enterprise Point of Sale 11-SP3

SUSE Linux Enterprise Debuginfo 11-SP3

https://www.suse.com/security/cve/CVE-2017-1000407.html

https://www.suse.com/se...


Severity: important

Announcement ID: SUSE-SU-2019:13937-1
Rating: important
