openSUSE Security Update : the Linux Kernel (openSUSE-2019-1571) (SACK Panic) (SACK Slowness)

High Nessus Plugin ID 126059

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 7.4

Synopsis

The remote openSUSE host is missing a security update.

Description

The openSUSE Leap 15.1 was updated to receive various security and bugfixes.

The following security bugs were fixed :

- CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic.
(bsc#1137586).

- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586)

- CVE-2019-11479: It was possible to send a crafted sequence of SACKs which would fragment the RACK send map. A remote attacker may be able to further exploit the fragmented send map to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. This would have resulted in excess resource consumption due to low mss values.
(bsc#1137586)

- CVE-2019-12819: The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service (bnc#1138291).

- CVE-2019-12818: The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller did not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_build_gb in net/nfc/llcp_core.c (bnc#1138293).

- CVE-2019-12456: An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c that allowed local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a 'double fetch' vulnerability. (bnc#1136922)

- CVE-2019-12380: An issue was discovered in the efi subsystem in the Linux kernel phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures (bnc#1136598).

- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bnc#1136424).

- CVE-2019-10124: An attacker could exploit an issue in the hwpoison implementation to cause a denial of service (BUG). (bsc#1130699)

- CVE-2019-12382: In the drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c was an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash) (bnc#1136586).

- CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bnc#1133190).

Solution

Update the affected the Linux Kernel packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1012382

https://bugzilla.opensuse.org/show_bug.cgi?id=1050242

https://bugzilla.opensuse.org/show_bug.cgi?id=1051510

https://bugzilla.opensuse.org/show_bug.cgi?id=1053043

https://bugzilla.opensuse.org/show_bug.cgi?id=1056787

https://bugzilla.opensuse.org/show_bug.cgi?id=1058115

https://bugzilla.opensuse.org/show_bug.cgi?id=1061840

https://bugzilla.opensuse.org/show_bug.cgi?id=1064802

https://bugzilla.opensuse.org/show_bug.cgi?id=1065600

https://bugzilla.opensuse.org/show_bug.cgi?id=1065729

https://bugzilla.opensuse.org/show_bug.cgi?id=1066129

https://bugzilla.opensuse.org/show_bug.cgi?id=1068546

https://bugzilla.opensuse.org/show_bug.cgi?id=1071995

https://bugzilla.opensuse.org/show_bug.cgi?id=1075020

https://bugzilla.opensuse.org/show_bug.cgi?id=1082387

https://bugzilla.opensuse.org/show_bug.cgi?id=1083647

https://bugzilla.opensuse.org/show_bug.cgi?id=1085535

https://bugzilla.opensuse.org/show_bug.cgi?id=1093389

https://bugzilla.opensuse.org/show_bug.cgi?id=1099658

https://bugzilla.opensuse.org/show_bug.cgi?id=1103992

https://bugzilla.opensuse.org/show_bug.cgi?id=1104353

https://bugzilla.opensuse.org/show_bug.cgi?id=1104427

https://bugzilla.opensuse.org/show_bug.cgi?id=1111666

https://bugzilla.opensuse.org/show_bug.cgi?id=1111696

https://bugzilla.opensuse.org/show_bug.cgi?id=1113722

https://bugzilla.opensuse.org/show_bug.cgi?id=1115688

https://bugzilla.opensuse.org/show_bug.cgi?id=1117114

https://bugzilla.opensuse.org/show_bug.cgi?id=1117158

https://bugzilla.opensuse.org/show_bug.cgi?id=1117561

https://bugzilla.opensuse.org/show_bug.cgi?id=1118139

https://bugzilla.opensuse.org/show_bug.cgi?id=1120091

https://bugzilla.opensuse.org/show_bug.cgi?id=1120423

https://bugzilla.opensuse.org/show_bug.cgi?id=1120566

https://bugzilla.opensuse.org/show_bug.cgi?id=1120902

https://bugzilla.opensuse.org/show_bug.cgi?id=1124503

https://bugzilla.opensuse.org/show_bug.cgi?id=1126206

https://bugzilla.opensuse.org/show_bug.cgi?id=1126356

https://bugzilla.opensuse.org/show_bug.cgi?id=1127616

https://bugzilla.opensuse.org/show_bug.cgi?id=1128432

https://bugzilla.opensuse.org/show_bug.cgi?id=1130699

https://bugzilla.opensuse.org/show_bug.cgi?id=1131673

https://bugzilla.opensuse.org/show_bug.cgi?id=1133190

https://bugzilla.opensuse.org/show_bug.cgi?id=1133612

https://bugzilla.opensuse.org/show_bug.cgi?id=1133616

https://bugzilla.opensuse.org/show_bug.cgi?id=1134090

https://bugzilla.opensuse.org/show_bug.cgi?id=1134671

https://bugzilla.opensuse.org/show_bug.cgi?id=1134730

https://bugzilla.opensuse.org/show_bug.cgi?id=1134738

https://bugzilla.opensuse.org/show_bug.cgi?id=1134743

https://bugzilla.opensuse.org/show_bug.cgi?id=1134806

https://bugzilla.opensuse.org/show_bug.cgi?id=1134936

https://bugzilla.opensuse.org/show_bug.cgi?id=1134945

https://bugzilla.opensuse.org/show_bug.cgi?id=1134946

https://bugzilla.opensuse.org/show_bug.cgi?id=1134947

https://bugzilla.opensuse.org/show_bug.cgi?id=1134948

https://bugzilla.opensuse.org/show_bug.cgi?id=1134949

https://bugzilla.opensuse.org/show_bug.cgi?id=1134950

https://bugzilla.opensuse.org/show_bug.cgi?id=1134951

https://bugzilla.opensuse.org/show_bug.cgi?id=1134952

https://bugzilla.opensuse.org/show_bug.cgi?id=1134953

https://bugzilla.opensuse.org/show_bug.cgi?id=1134972

https://bugzilla.opensuse.org/show_bug.cgi?id=1134974

https://bugzilla.opensuse.org/show_bug.cgi?id=1134975

https://bugzilla.opensuse.org/show_bug.cgi?id=1134980

https://bugzilla.opensuse.org/show_bug.cgi?id=1134981

https://bugzilla.opensuse.org/show_bug.cgi?id=1134983

https://bugzilla.opensuse.org/show_bug.cgi?id=1134987

https://bugzilla.opensuse.org/show_bug.cgi?id=1134989

https://bugzilla.opensuse.org/show_bug.cgi?id=1134990

https://bugzilla.opensuse.org/show_bug.cgi?id=1134994

https://bugzilla.opensuse.org/show_bug.cgi?id=1134995

https://bugzilla.opensuse.org/show_bug.cgi?id=1134998

https://bugzilla.opensuse.org/show_bug.cgi?id=1134999

https://bugzilla.opensuse.org/show_bug.cgi?id=1135018

https://bugzilla.opensuse.org/show_bug.cgi?id=1135021

https://bugzilla.opensuse.org/show_bug.cgi?id=1135024

https://bugzilla.opensuse.org/show_bug.cgi?id=1135026

https://bugzilla.opensuse.org/show_bug.cgi?id=1135027

https://bugzilla.opensuse.org/show_bug.cgi?id=1135028

https://bugzilla.opensuse.org/show_bug.cgi?id=1135029

https://bugzilla.opensuse.org/show_bug.cgi?id=1135031

https://bugzilla.opensuse.org/show_bug.cgi?id=1135033

https://bugzilla.opensuse.org/show_bug.cgi?id=1135034

https://bugzilla.opensuse.org/show_bug.cgi?id=1135035

https://bugzilla.opensuse.org/show_bug.cgi?id=1135036

https://bugzilla.opensuse.org/show_bug.cgi?id=1135037

https://bugzilla.opensuse.org/show_bug.cgi?id=1135038

https://bugzilla.opensuse.org/show_bug.cgi?id=1135039

https://bugzilla.opensuse.org/show_bug.cgi?id=1135041

https://bugzilla.opensuse.org/show_bug.cgi?id=1135042

https://bugzilla.opensuse.org/show_bug.cgi?id=1135044

https://bugzilla.opensuse.org/show_bug.cgi?id=1135045

https://bugzilla.opensuse.org/show_bug.cgi?id=1135046

https://bugzilla.opensuse.org/show_bug.cgi?id=1135047

https://bugzilla.opensuse.org/show_bug.cgi?id=1135049

https://bugzilla.opensuse.org/show_bug.cgi?id=1135051

https://bugzilla.opensuse.org/show_bug.cgi?id=1135052

https://bugzilla.opensuse.org/show_bug.cgi?id=1135053

https://bugzilla.opensuse.org/show_bug.cgi?id=1135055

https://bugzilla.opensuse.org/show_bug.cgi?id=1135056

https://bugzilla.opensuse.org/show_bug.cgi?id=1135058

https://bugzilla.opensuse.org/show_bug.cgi?id=1135153

https://bugzilla.opensuse.org/show_bug.cgi?id=1135542

https://bugzilla.opensuse.org/show_bug.cgi?id=1135556

https://bugzilla.opensuse.org/show_bug.cgi?id=1135642

https://bugzilla.opensuse.org/show_bug.cgi?id=1135661

https://bugzilla.opensuse.org/show_bug.cgi?id=1136188

https://bugzilla.opensuse.org/show_bug.cgi?id=1136206

https://bugzilla.opensuse.org/show_bug.cgi?id=1136215

https://bugzilla.opensuse.org/show_bug.cgi?id=1136345

https://bugzilla.opensuse.org/show_bug.cgi?id=1136347

https://bugzilla.opensuse.org/show_bug.cgi?id=1136348

https://bugzilla.opensuse.org/show_bug.cgi?id=1136353

https://bugzilla.opensuse.org/show_bug.cgi?id=1136424

https://bugzilla.opensuse.org/show_bug.cgi?id=1136428

https://bugzilla.opensuse.org/show_bug.cgi?id=1136430

https://bugzilla.opensuse.org/show_bug.cgi?id=1136432

https://bugzilla.opensuse.org/show_bug.cgi?id=1136434

https://bugzilla.opensuse.org/show_bug.cgi?id=1136435

https://bugzilla.opensuse.org/show_bug.cgi?id=1136438

https://bugzilla.opensuse.org/show_bug.cgi?id=1136439

https://bugzilla.opensuse.org/show_bug.cgi?id=1136456

https://bugzilla.opensuse.org/show_bug.cgi?id=1136460

https://bugzilla.opensuse.org/show_bug.cgi?id=1136461

https://bugzilla.opensuse.org/show_bug.cgi?id=1136469

https://bugzilla.opensuse.org/show_bug.cgi?id=1136477

https://bugzilla.opensuse.org/show_bug.cgi?id=1136478

https://bugzilla.opensuse.org/show_bug.cgi?id=1136498

https://bugzilla.opensuse.org/show_bug.cgi?id=1136573

https://bugzilla.opensuse.org/show_bug.cgi?id=1136586

https://bugzilla.opensuse.org/show_bug.cgi?id=1136598

https://bugzilla.opensuse.org/show_bug.cgi?id=1136881

https://bugzilla.opensuse.org/show_bug.cgi?id=1136922

https://bugzilla.opensuse.org/show_bug.cgi?id=1136935

https://bugzilla.opensuse.org/show_bug.cgi?id=1136978

https://bugzilla.opensuse.org/show_bug.cgi?id=1136990

https://bugzilla.opensuse.org/show_bug.cgi?id=1137151

https://bugzilla.opensuse.org/show_bug.cgi?id=1137152

https://bugzilla.opensuse.org/show_bug.cgi?id=1137153

https://bugzilla.opensuse.org/show_bug.cgi?id=1137162

https://bugzilla.opensuse.org/show_bug.cgi?id=1137201

https://bugzilla.opensuse.org/show_bug.cgi?id=1137224

https://bugzilla.opensuse.org/show_bug.cgi?id=1137232

https://bugzilla.opensuse.org/show_bug.cgi?id=1137233

https://bugzilla.opensuse.org/show_bug.cgi?id=1137236

https://bugzilla.opensuse.org/show_bug.cgi?id=1137372

https://bugzilla.opensuse.org/show_bug.cgi?id=1137429

https://bugzilla.opensuse.org/show_bug.cgi?id=1137444

https://bugzilla.opensuse.org/show_bug.cgi?id=1137586

https://bugzilla.opensuse.org/show_bug.cgi?id=1137739

https://bugzilla.opensuse.org/show_bug.cgi?id=1137752

https://bugzilla.opensuse.org/show_bug.cgi?id=1137995

https://bugzilla.opensuse.org/show_bug.cgi?id=1137996

https://bugzilla.opensuse.org/show_bug.cgi?id=1137998

https://bugzilla.opensuse.org/show_bug.cgi?id=1137999

https://bugzilla.opensuse.org/show_bug.cgi?id=1138000

https://bugzilla.opensuse.org/show_bug.cgi?id=1138002

https://bugzilla.opensuse.org/show_bug.cgi?id=1138003

https://bugzilla.opensuse.org/show_bug.cgi?id=1138005

https://bugzilla.opensuse.org/show_bug.cgi?id=1138006

https://bugzilla.opensuse.org/show_bug.cgi?id=1138007

https://bugzilla.opensuse.org/show_bug.cgi?id=1138008

https://bugzilla.opensuse.org/show_bug.cgi?id=1138009

https://bugzilla.opensuse.org/show_bug.cgi?id=1138010

https://bugzilla.opensuse.org/show_bug.cgi?id=1138011

https://bugzilla.opensuse.org/show_bug.cgi?id=1138012

https://bugzilla.opensuse.org/show_bug.cgi?id=1138013

https://bugzilla.opensuse.org/show_bug.cgi?id=1138014

https://bugzilla.opensuse.org/show_bug.cgi?id=1138015

https://bugzilla.opensuse.org/show_bug.cgi?id=1138016

https://bugzilla.opensuse.org/show_bug.cgi?id=1138017

https://bugzilla.opensuse.org/show_bug.cgi?id=1138018

https://bugzilla.opensuse.org/show_bug.cgi?id=1138019

https://bugzilla.opensuse.org/show_bug.cgi?id=1138291

https://bugzilla.opensuse.org/show_bug.cgi?id=1138293

https://bugzilla.opensuse.org/show_bug.cgi?id=1138336

https://bugzilla.opensuse.org/show_bug.cgi?id=1138374

https://bugzilla.opensuse.org/show_bug.cgi?id=1138375

Plugin Details

Severity: High

ID: 126059

File Name: openSUSE-2019-1571.nasl

Version: 1.2

Type: local

Agent: unix

Published: 2019/06/20

Updated: 2020/01/10

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 7.4

CVSS v2.0

Base Score: 8.3

Temporal Score: 6.1

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-docs-html, p-cpe:/a:novell:opensuse:kernel-kvmsmall, p-cpe:/a:novell:opensuse:kernel-kvmsmall-base, p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo, p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource, p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel, p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-macros, p-cpe:/a:novell:opensuse:kernel-obs-build, p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource, p-cpe:/a:novell:opensuse:kernel-obs-qa, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-base, p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo, cpe:/o:novell:opensuse:15.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 2019/06/18

Vulnerability Publication Date: 2019/03/27

Reference Information

CVE: CVE-2019-10124, CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-11487, CVE-2019-12380, CVE-2019-12382, CVE-2019-12456, CVE-2019-12818, CVE-2019-12819, CVE-2019-3846