SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:0801-1)

high Nessus Plugin ID 123546

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.176 to receive various security and bugfixes.

The following security bugs were fixed :

CVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bnc#1128166).

CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc#1129179).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch SUSE-SLE-WE-12-SP3-2019-801=1

SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2019-801=1

SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2019-801=1

SUSE Linux Enterprise Live Patching 12-SP3:zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2019-801=1

SUSE Linux Enterprise High Availability 12-SP3:zypper in -t patch SUSE-SLE-HA-12-SP3-2019-801=1

SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2019-801=1

SUSE CaaS Platform ALL :

To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.

SUSE CaaS Platform 3.0 :

To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.

See Also

https://bugzilla.suse.com/show_bug.cgi?id=1012382

https://bugzilla.suse.com/show_bug.cgi?id=1020413

https://bugzilla.suse.com/show_bug.cgi?id=1065600

https://bugzilla.suse.com/show_bug.cgi?id=1070767

https://bugzilla.suse.com/show_bug.cgi?id=1075697

https://bugzilla.suse.com/show_bug.cgi?id=1082943

https://bugzilla.suse.com/show_bug.cgi?id=1087092

https://bugzilla.suse.com/show_bug.cgi?id=1090435

https://bugzilla.suse.com/show_bug.cgi?id=1102959

https://bugzilla.suse.com/show_bug.cgi?id=1103429

https://bugzilla.suse.com/show_bug.cgi?id=1106929

https://bugzilla.suse.com/show_bug.cgi?id=1109137

https://bugzilla.suse.com/show_bug.cgi?id=1109248

https://bugzilla.suse.com/show_bug.cgi?id=1119019

https://bugzilla.suse.com/show_bug.cgi?id=1119843

https://bugzilla.suse.com/show_bug.cgi?id=1120691

https://bugzilla.suse.com/show_bug.cgi?id=1120902

https://bugzilla.suse.com/show_bug.cgi?id=1121713

https://bugzilla.suse.com/show_bug.cgi?id=1121805

https://bugzilla.suse.com/show_bug.cgi?id=1124235

https://bugzilla.suse.com/show_bug.cgi?id=1125315

https://bugzilla.suse.com/show_bug.cgi?id=1125446

https://bugzilla.suse.com/show_bug.cgi?id=1126389

https://bugzilla.suse.com/show_bug.cgi?id=1126772

https://bugzilla.suse.com/show_bug.cgi?id=1126773

https://bugzilla.suse.com/show_bug.cgi?id=1126805

https://bugzilla.suse.com/show_bug.cgi?id=1127082

https://bugzilla.suse.com/show_bug.cgi?id=1127155

https://bugzilla.suse.com/show_bug.cgi?id=1127561

https://bugzilla.suse.com/show_bug.cgi?id=1127725

https://bugzilla.suse.com/show_bug.cgi?id=1127731

https://bugzilla.suse.com/show_bug.cgi?id=1127961

https://bugzilla.suse.com/show_bug.cgi?id=1128166

https://bugzilla.suse.com/show_bug.cgi?id=1128452

https://bugzilla.suse.com/show_bug.cgi?id=1128565

https://bugzilla.suse.com/show_bug.cgi?id=1128696

https://bugzilla.suse.com/show_bug.cgi?id=1128756

https://bugzilla.suse.com/show_bug.cgi?id=1128893

https://bugzilla.suse.com/show_bug.cgi?id=1129080

https://bugzilla.suse.com/show_bug.cgi?id=1129179

https://bugzilla.suse.com/show_bug.cgi?id=1129237

https://bugzilla.suse.com/show_bug.cgi?id=1129238

https://bugzilla.suse.com/show_bug.cgi?id=1129239

https://bugzilla.suse.com/show_bug.cgi?id=1129240

https://bugzilla.suse.com/show_bug.cgi?id=1129241

https://bugzilla.suse.com/show_bug.cgi?id=1129413

https://bugzilla.suse.com/show_bug.cgi?id=1129414

https://bugzilla.suse.com/show_bug.cgi?id=1129415

https://bugzilla.suse.com/show_bug.cgi?id=1129416

https://bugzilla.suse.com/show_bug.cgi?id=1129417

https://bugzilla.suse.com/show_bug.cgi?id=1129418

https://bugzilla.suse.com/show_bug.cgi?id=1129419

https://bugzilla.suse.com/show_bug.cgi?id=1129581

https://bugzilla.suse.com/show_bug.cgi?id=1129770

https://bugzilla.suse.com/show_bug.cgi?id=1129923

https://www.suse.com/security/cve/CVE-2019-2024/

https://www.suse.com/security/cve/CVE-2019-9213/

http://www.nessus.org/u?8c4ee0bf

Plugin Details

Severity: High

ID: 123546

File Name: suse_SU-2019-0801-1.nasl

Version: 1.6

Type: local

Agent: unix

Published: 4/1/2019

Updated: 1/27/2020

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.1

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debugsource, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-extra, p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kernel-syms, cpe:/o:novell:suse_linux:12

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/29/2019

Vulnerability Publication Date: 3/5/2019

Exploitable With

Metasploit (Reliable Datagram Sockets (RDS) rds_atomic_free_op NULL pointer dereference Privilege Escalation)

Reference Information

CVE: CVE-2019-2024, CVE-2019-9213