SUSE SLES11 Security Update : kernel (SUSE-SU-2019:13979-1)

high Nessus Plugin ID 122891

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed :

CVE-2016-10741: fs/xfs/xfs_aops.c allowed local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure (bnc#1114920 bnc#1124010).

CVE-2017-18360: In change_port_settings in drivers/usb/serial/io_ti.c local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates (bnc#1123706).

CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).

CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).

CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).

CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).

CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).

CVE-2019-7222: A information leak in exception handling in KVM could be used to expose host memory to guests. (bnc#1124735).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t patch sdksp4-kernel-20190225-13979=1

SUSE Linux Enterprise Server 11-SP4:zypper in -t patch slessp4-kernel-20190225-13979=1

SUSE Linux Enterprise Server 11-EXTRA:zypper in -t patch slexsp3-kernel-20190225-13979=1

SUSE Linux Enterprise Real Time Extension 11-SP4:zypper in -t patch slertesp4-kernel-20190225-13979=1

SUSE Linux Enterprise High Availability Extension 11-SP4:zypper in -t patch slehasp4-kernel-20190225-13979=1

SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch dbgsp4-kernel-20190225-13979=1

See Also

https://bugzilla.suse.com/show_bug.cgi?id=1012382

https://bugzilla.suse.com/show_bug.cgi?id=1031572

https://bugzilla.suse.com/show_bug.cgi?id=1068032

https://bugzilla.suse.com/show_bug.cgi?id=1086695

https://bugzilla.suse.com/show_bug.cgi?id=1087081

https://bugzilla.suse.com/show_bug.cgi?id=1094244

https://bugzilla.suse.com/show_bug.cgi?id=1098658

https://bugzilla.suse.com/show_bug.cgi?id=1104098

https://bugzilla.suse.com/show_bug.cgi?id=1104367

https://bugzilla.suse.com/show_bug.cgi?id=1104684

https://bugzilla.suse.com/show_bug.cgi?id=1104818

https://bugzilla.suse.com/show_bug.cgi?id=1105536

https://bugzilla.suse.com/show_bug.cgi?id=1106105

https://bugzilla.suse.com/show_bug.cgi?id=1106886

https://bugzilla.suse.com/show_bug.cgi?id=1107371

https://bugzilla.suse.com/show_bug.cgi?id=1109330

https://bugzilla.suse.com/show_bug.cgi?id=1109806

https://bugzilla.suse.com/show_bug.cgi?id=1110006

https://bugzilla.suse.com/show_bug.cgi?id=1112963

https://bugzilla.suse.com/show_bug.cgi?id=1113667

https://bugzilla.suse.com/show_bug.cgi?id=1114440

https://bugzilla.suse.com/show_bug.cgi?id=1114672

https://bugzilla.suse.com/show_bug.cgi?id=1114920

https://bugzilla.suse.com/show_bug.cgi?id=1115007

https://bugzilla.suse.com/show_bug.cgi?id=1115038

https://bugzilla.suse.com/show_bug.cgi?id=1115827

https://bugzilla.suse.com/show_bug.cgi?id=1115828

https://bugzilla.suse.com/show_bug.cgi?id=1115829

https://bugzilla.suse.com/show_bug.cgi?id=1115830

https://bugzilla.suse.com/show_bug.cgi?id=1115831

https://bugzilla.suse.com/show_bug.cgi?id=1115832

https://bugzilla.suse.com/show_bug.cgi?id=1115833

https://bugzilla.suse.com/show_bug.cgi?id=1115834

https://bugzilla.suse.com/show_bug.cgi?id=1115835

https://bugzilla.suse.com/show_bug.cgi?id=1115836

https://bugzilla.suse.com/show_bug.cgi?id=1115837

https://bugzilla.suse.com/show_bug.cgi?id=1115838

https://bugzilla.suse.com/show_bug.cgi?id=1115839

https://bugzilla.suse.com/show_bug.cgi?id=1115840

https://bugzilla.suse.com/show_bug.cgi?id=1115841

https://bugzilla.suse.com/show_bug.cgi?id=1115842

https://bugzilla.suse.com/show_bug.cgi?id=1115843

https://bugzilla.suse.com/show_bug.cgi?id=1115844

https://bugzilla.suse.com/show_bug.cgi?id=1116841

https://bugzilla.suse.com/show_bug.cgi?id=1117796

https://bugzilla.suse.com/show_bug.cgi?id=1117802

https://bugzilla.suse.com/show_bug.cgi?id=1117805

https://bugzilla.suse.com/show_bug.cgi?id=1117806

https://bugzilla.suse.com/show_bug.cgi?id=1117943

https://bugzilla.suse.com/show_bug.cgi?id=1118152

https://bugzilla.suse.com/show_bug.cgi?id=1118319

https://bugzilla.suse.com/show_bug.cgi?id=1118760

https://bugzilla.suse.com/show_bug.cgi?id=1119255

https://bugzilla.suse.com/show_bug.cgi?id=1119714

https://bugzilla.suse.com/show_bug.cgi?id=1120056

https://bugzilla.suse.com/show_bug.cgi?id=1120077

https://bugzilla.suse.com/show_bug.cgi?id=1120086

https://bugzilla.suse.com/show_bug.cgi?id=1120093

https://bugzilla.suse.com/show_bug.cgi?id=1120094

https://bugzilla.suse.com/show_bug.cgi?id=1120105

https://bugzilla.suse.com/show_bug.cgi?id=1120107

https://bugzilla.suse.com/show_bug.cgi?id=1120109

https://bugzilla.suse.com/show_bug.cgi?id=1120217

https://bugzilla.suse.com/show_bug.cgi?id=1120223

https://bugzilla.suse.com/show_bug.cgi?id=1120226

https://bugzilla.suse.com/show_bug.cgi?id=1120336

https://bugzilla.suse.com/show_bug.cgi?id=1120347

https://bugzilla.suse.com/show_bug.cgi?id=1120743

https://bugzilla.suse.com/show_bug.cgi?id=1120950

https://bugzilla.suse.com/show_bug.cgi?id=1121872

https://bugzilla.suse.com/show_bug.cgi?id=1121997

https://bugzilla.suse.com/show_bug.cgi?id=1122874

https://bugzilla.suse.com/show_bug.cgi?id=1123505

https://bugzilla.suse.com/show_bug.cgi?id=1123702

https://bugzilla.suse.com/show_bug.cgi?id=1123706

https://bugzilla.suse.com/show_bug.cgi?id=1124010

https://bugzilla.suse.com/show_bug.cgi?id=1124735

https://bugzilla.suse.com/show_bug.cgi?id=1125931

https://bugzilla.suse.com/show_bug.cgi?id=931850

https://bugzilla.suse.com/show_bug.cgi?id=969471

https://bugzilla.suse.com/show_bug.cgi?id=969473

https://www.suse.com/security/cve/CVE-2016-10741/

https://www.suse.com/security/cve/CVE-2017-18360/

https://www.suse.com/security/cve/CVE-2018-19407/

https://www.suse.com/security/cve/CVE-2018-19824/

https://www.suse.com/security/cve/CVE-2018-19985/

https://www.suse.com/security/cve/CVE-2018-20169/

https://www.suse.com/security/cve/CVE-2018-9568/

https://www.suse.com/security/cve/CVE-2019-7222/

http://www.nessus.org/u?3d011069

Plugin Details

Severity: High

ID: 122891

File Name: suse_SU-2019-13979-1.nasl

Version: 1.5

Type: local

Agent: unix

Published: 3/18/2019

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kernel-ec2, p-cpe:/a:novell:suse_linux:kernel-ec2-base, p-cpe:/a:novell:suse_linux:kernel-ec2-devel, p-cpe:/a:novell:suse_linux:kernel-pae, p-cpe:/a:novell:suse_linux:kernel-pae-base, p-cpe:/a:novell:suse_linux:kernel-pae-devel, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-trace, p-cpe:/a:novell:suse_linux:kernel-trace-base, p-cpe:/a:novell:suse_linux:kernel-trace-devel, p-cpe:/a:novell:suse_linux:kernel-xen, p-cpe:/a:novell:suse_linux:kernel-xen-base, p-cpe:/a:novell:suse_linux:kernel-xen-devel, cpe:/o:novell:suse_linux:11, p-cpe:/a:novell:suse_linux:kernel-default

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/15/2019

Vulnerability Publication Date: 11/21/2018

Reference Information

CVE: CVE-2016-10741, CVE-2017-18360, CVE-2018-19407, CVE-2018-19824, CVE-2018-19985, CVE-2018-20169, CVE-2018-9568, CVE-2019-7222