Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2020:2498-1 Important: Linux Kernel Live Patch Critical Issues

suse
Calendar Grey September 4, 2020
Dist Suse Esm H88
The SUSE Security Update resolves various vulnerabilities present in the Linux Kernel Live Patch for SLE 12 SP3, incorporating critical patches.
An update that fixes 6 vulnerabilities is now available

Summary

This update for the Linux Kernel 4.4.180-94_113 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll (bsc#1174247). - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c (bsc#1173659). - CVE-2019-9458: Fixed a use-after-free in media/v4l (bsc#1173963). - CVE-2020-11668: Fixed a memory corruption issue in the Xirlink camera USB driver (bsc#1173942). - CVE-2019-19447: Fixed a use-after-free in ext4_put_super (bsc#1173869). - CVE-2019-14895: Fixed a heap-based buffer overflow in the Marvell WiFi driver (bsc#1173100). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Topics%20covered

Topics Covered

security advisory buffer overflow kernel update memory corruption important use-after-free SUSE Linux Enterprise

References

#1173100 #1173659 #1173869 #1173942 #1173963

#1174247

Cross- CVE-2019-14895 CVE-2019-16746 CVE-2019-19447

CVE-2019-9458 CVE-2020-11668 CVE-2020-14331

Affected Products:

SUSE Linux Enterprise Server for SAP 12-SP3

SUSE Linux Enterprise Server 12-SP3-LTSS

https://www.suse.com/security/cve/CVE-2019-14895.html

https://www.suse.com/security/cve/CVE-2019-16746.html

https://www.suse.com/security/cve/CVE-2019-19447.html

https://www.suse.com/security/cve/CVE-2019-9458.html

https://www.suse.com/security/cve/CVE-2020-11668.html

https://www.suse.com/security/cve/CVE-2020-14331.html

https://bugzilla.suse.com/1173100

https://bugzilla.suse.com/1173659

https://bugzilla.suse.com/1173869

https://bugzilla.suse.com/1173942

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:2498-1
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow kernel update memory corruption important use-after-free SUSE Linux Enterprise

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here