SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2879-1)

High Nessus Plugin ID 130452

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 6.7

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed :

CVE-2017-18595: A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c (bnc#1149555).

CVE-2019-14821: An out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements the coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system (bnc#1151350).

CVE-2019-15291: There was a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver (bnc#1146540).

CVE-2019-9506: The Bluetooth BR/EDR specification up to and including version 5.1 permitted sufficiently low encryption key length and did not prevent an attacker from influencing the key length negotiation.
This allowed practical brute-force attacks (aka 'KNOB') that could decrypt traffic and injected arbitrary ciphertext without the victim noticing (bnc#1137865 bnc#1146042).

CVE-2019-16232: Fixed a NULL pointer dereference in drivers/net/wireless/marvell/libertas/if_sdio.c, which did not check the alloc_workqueue return value (bnc#1150465).

CVE-2019-16234: Fixed a NULL pointer dereference in drivers/net/wireless/intel/iwlwifi/pcie/trans.c, which did not check the alloc_workqueue return value (bnc#1150452).

CVE-2019-17056: Added enforcement of CAP_NET_RAW in llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module, the lack of which allowed unprivileged users to create a raw socket, aka CID-3a359798b176 (bnc#1152788).

CVE-2019-17133: Fixed a buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c caused by long SSID IEs (bsc#1153158).

CVE-2019-17666: Added an upper-bound check in rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c, the lack of which could have led to a buffer overflow (bnc#1154372).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch SUSE-SLE-WE-12-SP4-2019-2879=1

SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t patch SUSE-SLE-SDK-12-SP4-2019-2879=1

SUSE Linux Enterprise Server 12-SP4:zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-2879=1

SUSE Linux Enterprise Live Patching 12-SP4:zypper in -t patch SUSE-SLE-Live-Patching-12-SP4-2019-2879=1

SUSE Linux Enterprise High Availability 12-SP4:zypper in -t patch SUSE-SLE-HA-12-SP4-2019-2879=1

SUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2019-2879=1

See Also

https://bugzilla.suse.com/show_bug.cgi?id=1046299

https://bugzilla.suse.com/show_bug.cgi?id=1046303

https://bugzilla.suse.com/show_bug.cgi?id=1046305

https://bugzilla.suse.com/show_bug.cgi?id=1050244

https://bugzilla.suse.com/show_bug.cgi?id=1050536

https://bugzilla.suse.com/show_bug.cgi?id=1050545

https://bugzilla.suse.com/show_bug.cgi?id=1051510

https://bugzilla.suse.com/show_bug.cgi?id=1054914

https://bugzilla.suse.com/show_bug.cgi?id=1055117

https://bugzilla.suse.com/show_bug.cgi?id=1055186

https://bugzilla.suse.com/show_bug.cgi?id=1061840

https://bugzilla.suse.com/show_bug.cgi?id=1064802

https://bugzilla.suse.com/show_bug.cgi?id=1065600

https://bugzilla.suse.com/show_bug.cgi?id=1065729

https://bugzilla.suse.com/show_bug.cgi?id=1066129

https://bugzilla.suse.com/show_bug.cgi?id=1071995

https://bugzilla.suse.com/show_bug.cgi?id=1073513

https://bugzilla.suse.com/show_bug.cgi?id=1082555

https://bugzilla.suse.com/show_bug.cgi?id=1086323

https://bugzilla.suse.com/show_bug.cgi?id=1087092

https://bugzilla.suse.com/show_bug.cgi?id=1089644

https://bugzilla.suse.com/show_bug.cgi?id=1093205

https://bugzilla.suse.com/show_bug.cgi?id=1097583

https://bugzilla.suse.com/show_bug.cgi?id=1097584

https://bugzilla.suse.com/show_bug.cgi?id=1097585

https://bugzilla.suse.com/show_bug.cgi?id=1097586

https://bugzilla.suse.com/show_bug.cgi?id=1097587

https://bugzilla.suse.com/show_bug.cgi?id=1097588

https://bugzilla.suse.com/show_bug.cgi?id=1098291

https://bugzilla.suse.com/show_bug.cgi?id=1101674

https://bugzilla.suse.com/show_bug.cgi?id=1104967

https://bugzilla.suse.com/show_bug.cgi?id=1109158

https://bugzilla.suse.com/show_bug.cgi?id=1113722

https://bugzilla.suse.com/show_bug.cgi?id=1114279

https://bugzilla.suse.com/show_bug.cgi?id=1117665

https://bugzilla.suse.com/show_bug.cgi?id=1119086

https://bugzilla.suse.com/show_bug.cgi?id=1122363

https://bugzilla.suse.com/show_bug.cgi?id=1123034

https://bugzilla.suse.com/show_bug.cgi?id=1123080

https://bugzilla.suse.com/show_bug.cgi?id=1127155

https://bugzilla.suse.com/show_bug.cgi?id=1127988

https://bugzilla.suse.com/show_bug.cgi?id=1131304

https://bugzilla.suse.com/show_bug.cgi?id=1133140

https://bugzilla.suse.com/show_bug.cgi?id=1134303

https://bugzilla.suse.com/show_bug.cgi?id=1135642

https://bugzilla.suse.com/show_bug.cgi?id=1135854

https://bugzilla.suse.com/show_bug.cgi?id=1135873

https://bugzilla.suse.com/show_bug.cgi?id=1137799

https://bugzilla.suse.com/show_bug.cgi?id=1137861

https://bugzilla.suse.com/show_bug.cgi?id=1137865

https://bugzilla.suse.com/show_bug.cgi?id=1137959

https://bugzilla.suse.com/show_bug.cgi?id=1140155

https://bugzilla.suse.com/show_bug.cgi?id=1140729

https://bugzilla.suse.com/show_bug.cgi?id=1140845

https://bugzilla.suse.com/show_bug.cgi?id=1140883

https://bugzilla.suse.com/show_bug.cgi?id=1141600

https://bugzilla.suse.com/show_bug.cgi?id=1142076

https://bugzilla.suse.com/show_bug.cgi?id=1142635

https://bugzilla.suse.com/show_bug.cgi?id=1142667

https://bugzilla.suse.com/show_bug.cgi?id=1144375

https://bugzilla.suse.com/show_bug.cgi?id=1144449

https://bugzilla.suse.com/show_bug.cgi?id=1145099

https://bugzilla.suse.com/show_bug.cgi?id=1146042

https://bugzilla.suse.com/show_bug.cgi?id=1146519

https://bugzilla.suse.com/show_bug.cgi?id=1146540

https://bugzilla.suse.com/show_bug.cgi?id=1146664

https://bugzilla.suse.com/show_bug.cgi?id=1148133

https://bugzilla.suse.com/show_bug.cgi?id=1148410

https://bugzilla.suse.com/show_bug.cgi?id=1148712

https://bugzilla.suse.com/show_bug.cgi?id=1148868

https://bugzilla.suse.com/show_bug.cgi?id=1149313

https://bugzilla.suse.com/show_bug.cgi?id=1149446

https://bugzilla.suse.com/show_bug.cgi?id=1149555

https://bugzilla.suse.com/show_bug.cgi?id=1149651

https://bugzilla.suse.com/show_bug.cgi?id=1150381

https://bugzilla.suse.com/show_bug.cgi?id=1150423

https://bugzilla.suse.com/show_bug.cgi?id=1150452

https://bugzilla.suse.com/show_bug.cgi?id=1150465

https://bugzilla.suse.com/show_bug.cgi?id=1150875

https://bugzilla.suse.com/show_bug.cgi?id=1151350

https://bugzilla.suse.com/show_bug.cgi?id=1151508

https://bugzilla.suse.com/show_bug.cgi?id=1151610

https://bugzilla.suse.com/show_bug.cgi?id=1151667

https://bugzilla.suse.com/show_bug.cgi?id=1151671

https://bugzilla.suse.com/show_bug.cgi?id=1151680

https://bugzilla.suse.com/show_bug.cgi?id=1151891

https://bugzilla.suse.com/show_bug.cgi?id=1151955

https://bugzilla.suse.com/show_bug.cgi?id=1152024

https://bugzilla.suse.com/show_bug.cgi?id=1152025

https://bugzilla.suse.com/show_bug.cgi?id=1152026

https://bugzilla.suse.com/show_bug.cgi?id=1152161

https://bugzilla.suse.com/show_bug.cgi?id=1152325

https://bugzilla.suse.com/show_bug.cgi?id=1152457

https://bugzilla.suse.com/show_bug.cgi?id=1152460

https://bugzilla.suse.com/show_bug.cgi?id=1152466

https://bugzilla.suse.com/show_bug.cgi?id=1152788

https://bugzilla.suse.com/show_bug.cgi?id=1152791

https://bugzilla.suse.com/show_bug.cgi?id=1152972

https://bugzilla.suse.com/show_bug.cgi?id=1152974

https://bugzilla.suse.com/show_bug.cgi?id=1152975

https://bugzilla.suse.com/show_bug.cgi?id=1153112

https://bugzilla.suse.com/show_bug.cgi?id=1153158

https://bugzilla.suse.com/show_bug.cgi?id=1153236

https://bugzilla.suse.com/show_bug.cgi?id=1153263

https://bugzilla.suse.com/show_bug.cgi?id=1153646

https://bugzilla.suse.com/show_bug.cgi?id=1153713

https://bugzilla.suse.com/show_bug.cgi?id=1153717

https://bugzilla.suse.com/show_bug.cgi?id=1153718

https://bugzilla.suse.com/show_bug.cgi?id=1153719

https://bugzilla.suse.com/show_bug.cgi?id=1153811

https://bugzilla.suse.com/show_bug.cgi?id=1154108

https://bugzilla.suse.com/show_bug.cgi?id=1154189

https://bugzilla.suse.com/show_bug.cgi?id=1154354

https://bugzilla.suse.com/show_bug.cgi?id=1154372

https://bugzilla.suse.com/show_bug.cgi?id=1154578

https://bugzilla.suse.com/show_bug.cgi?id=1154607

https://bugzilla.suse.com/show_bug.cgi?id=1154608

https://bugzilla.suse.com/show_bug.cgi?id=1154610

https://bugzilla.suse.com/show_bug.cgi?id=1154611

https://bugzilla.suse.com/show_bug.cgi?id=1154651

https://bugzilla.suse.com/show_bug.cgi?id=1154747

https://www.suse.com/security/cve/CVE-2017-18595/

https://www.suse.com/security/cve/CVE-2019-14821/

https://www.suse.com/security/cve/CVE-2019-15291/

https://www.suse.com/security/cve/CVE-2019-16232/

https://www.suse.com/security/cve/CVE-2019-16234/

https://www.suse.com/security/cve/CVE-2019-17056/

https://www.suse.com/security/cve/CVE-2019-17133/

https://www.suse.com/security/cve/CVE-2019-17666/

https://www.suse.com/security/cve/CVE-2019-9506/

http://www.nessus.org/u?23636ee0

Plugin Details

Severity: High

ID: 130452

File Name: suse_SU-2019-2879-1.nasl

Version: 1.3

Type: local

Agent: unix

Published: 2019/11/01

Updated: 2019/12/17

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 6.7

CVSS Score Source: CVE-2019-17666

CVSS v2.0

Base Score: 8.3

Temporal Score: 6.1

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debugsource, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-extra, p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kernel-syms, cpe:/o:novell:suse_linux:12

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 2019/10/31

Vulnerability Publication Date: 2019/08/14

Reference Information

CVE: CVE-2017-18595, CVE-2019-14821, CVE-2019-15291, CVE-2019-16232, CVE-2019-16234, CVE-2019-17056, CVE-2019-17133, CVE-2019-17666, CVE-2019-9506