SUSE SLES12 Security Update : kernel (SUSE-SU-2020:0558-1)

Critical Nessus Plugin ID 134287

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed :

CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources (bsc#1163971).

CVE-2020-8992: An issue was discovered in ext4_protect_reserved_inode in fs/ext4/block_validity.c that allowed attackers to cause a soft lockup via a crafted journal size (bnc#1164069).

CVE-2020-8648: There was a use-after-free vulnerability in the n_tty_receive_buf_common function in drivers/tty/n_tty.c (bnc#1162928).

CVE-2020-8428: There was a use-after-free bug in fs/namei.c, which allowed local users to cause a denial of service or possibly obtain sensitive information from kernel memory (bnc#1162109).

CVE-2020-7053: There was a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c (bnc#1160966).

CVE-2019-19045: A memory leak in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c allowed attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures (bnc#1161522).

CVE-2019-16994: A memory leak existed in sit_init_net() in net/ipv6/sit.c which might have caused denial of service (bnc#1161523).

CVE-2019-19054: A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c allowed attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures (bnc#1161518).

CVE-2019-14896: A heap overflow was found in the add_ie_rates() function of the Marvell Wifi Driver (bsc#1157157).

CVE-2019-14897: A stack overflow was found in the lbs_ibss_join_existing() function of the Marvell Wifi Driver (bsc#1157155).

CVE-2019-19318: Mounting a crafted btrfs image twice could have caused a use-after-free (bnc#1158026).

CVE-2019-19036: An issue discovered in btrfs_root_node in fs/btrfs/ctree.c allowed a NULL pointer dereference because rcu_dereference(root->node) can be zero (bnc#1157692).

CVE-2019-14615: An information disclosure vulnerability existed due to insufficient control flow in certain data structures for some Intel(R) Processors (bnc#1160195).

CVE-2019-19965: There was a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition (bnc#1159911).

CVE-2019-19927: Fixed an out-of-bounds read access when mounting a crafted f2fs filesystem image and performing some operations, related to ttm_put_pages in drivers/gpu/drm/ttm/ttm_page_alloc.c (bnc#1160147).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server 12-SP5:zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-558=1

See Also

https://bugzilla.suse.com/show_bug.cgi?id=1050244

https://bugzilla.suse.com/show_bug.cgi?id=1050549

https://bugzilla.suse.com/show_bug.cgi?id=1051510

https://bugzilla.suse.com/show_bug.cgi?id=1051858

https://bugzilla.suse.com/show_bug.cgi?id=1061840

https://bugzilla.suse.com/show_bug.cgi?id=1065600

https://bugzilla.suse.com/show_bug.cgi?id=1065729

https://bugzilla.suse.com/show_bug.cgi?id=1071995

https://bugzilla.suse.com/show_bug.cgi?id=1083647

https://bugzilla.suse.com/show_bug.cgi?id=1085030

https://bugzilla.suse.com/show_bug.cgi?id=1086301

https://bugzilla.suse.com/show_bug.cgi?id=1086313

https://bugzilla.suse.com/show_bug.cgi?id=1086314

https://bugzilla.suse.com/show_bug.cgi?id=1088810

https://bugzilla.suse.com/show_bug.cgi?id=1104745

https://bugzilla.suse.com/show_bug.cgi?id=1105392

https://bugzilla.suse.com/show_bug.cgi?id=1109837

https://bugzilla.suse.com/show_bug.cgi?id=1111666

https://bugzilla.suse.com/show_bug.cgi?id=1112178

https://bugzilla.suse.com/show_bug.cgi?id=1112374

https://bugzilla.suse.com/show_bug.cgi?id=1112504

https://bugzilla.suse.com/show_bug.cgi?id=1113956

https://bugzilla.suse.com/show_bug.cgi?id=1114279

https://bugzilla.suse.com/show_bug.cgi?id=1114648

https://bugzilla.suse.com/show_bug.cgi?id=1114685

https://bugzilla.suse.com/show_bug.cgi?id=1118338

https://bugzilla.suse.com/show_bug.cgi?id=1123328

https://bugzilla.suse.com/show_bug.cgi?id=1127682

https://bugzilla.suse.com/show_bug.cgi?id=1129551

https://bugzilla.suse.com/show_bug.cgi?id=1133021

https://bugzilla.suse.com/show_bug.cgi?id=1133147

https://bugzilla.suse.com/show_bug.cgi?id=1140025

https://bugzilla.suse.com/show_bug.cgi?id=1142685

https://bugzilla.suse.com/show_bug.cgi?id=1144162

https://bugzilla.suse.com/show_bug.cgi?id=1144333

https://bugzilla.suse.com/show_bug.cgi?id=1151927

https://bugzilla.suse.com/show_bug.cgi?id=1153535

https://bugzilla.suse.com/show_bug.cgi?id=1153917

https://bugzilla.suse.com/show_bug.cgi?id=1154243

https://bugzilla.suse.com/show_bug.cgi?id=1154601

https://bugzilla.suse.com/show_bug.cgi?id=1156609

https://bugzilla.suse.com/show_bug.cgi?id=1157155

https://bugzilla.suse.com/show_bug.cgi?id=1157157

https://bugzilla.suse.com/show_bug.cgi?id=1157424

https://bugzilla.suse.com/show_bug.cgi?id=1157480

https://bugzilla.suse.com/show_bug.cgi?id=1157692

https://bugzilla.suse.com/show_bug.cgi?id=1157966

https://bugzilla.suse.com/show_bug.cgi?id=1158013

https://bugzilla.suse.com/show_bug.cgi?id=1158026

https://bugzilla.suse.com/show_bug.cgi?id=1158071

https://bugzilla.suse.com/show_bug.cgi?id=1159028

https://bugzilla.suse.com/show_bug.cgi?id=1159096

https://bugzilla.suse.com/show_bug.cgi?id=1159271

https://bugzilla.suse.com/show_bug.cgi?id=1159377

https://bugzilla.suse.com/show_bug.cgi?id=1159394

https://bugzilla.suse.com/show_bug.cgi?id=1159588

https://bugzilla.suse.com/show_bug.cgi?id=1159911

https://bugzilla.suse.com/show_bug.cgi?id=1159955

https://bugzilla.suse.com/show_bug.cgi?id=1160147

https://bugzilla.suse.com/show_bug.cgi?id=1160195

https://bugzilla.suse.com/show_bug.cgi?id=1160210

https://bugzilla.suse.com/show_bug.cgi?id=1160211

https://bugzilla.suse.com/show_bug.cgi?id=1160218

https://bugzilla.suse.com/show_bug.cgi?id=1160433

https://bugzilla.suse.com/show_bug.cgi?id=1160442

https://bugzilla.suse.com/show_bug.cgi?id=1160469

https://bugzilla.suse.com/show_bug.cgi?id=1160470

https://bugzilla.suse.com/show_bug.cgi?id=1160476

https://bugzilla.suse.com/show_bug.cgi?id=1160560

https://bugzilla.suse.com/show_bug.cgi?id=1160618

https://bugzilla.suse.com/show_bug.cgi?id=1160678

https://bugzilla.suse.com/show_bug.cgi?id=1160755

https://bugzilla.suse.com/show_bug.cgi?id=1160756

https://bugzilla.suse.com/show_bug.cgi?id=1160784

https://bugzilla.suse.com/show_bug.cgi?id=1160787

https://bugzilla.suse.com/show_bug.cgi?id=1160802

https://bugzilla.suse.com/show_bug.cgi?id=1160803

https://bugzilla.suse.com/show_bug.cgi?id=1160804

https://bugzilla.suse.com/show_bug.cgi?id=1160917

https://bugzilla.suse.com/show_bug.cgi?id=1160966

https://bugzilla.suse.com/show_bug.cgi?id=1160979

https://bugzilla.suse.com/show_bug.cgi?id=1161087

https://bugzilla.suse.com/show_bug.cgi?id=1161243

https://bugzilla.suse.com/show_bug.cgi?id=1161360

https://bugzilla.suse.com/show_bug.cgi?id=1161472

https://bugzilla.suse.com/show_bug.cgi?id=1161514

https://bugzilla.suse.com/show_bug.cgi?id=1161518

https://bugzilla.suse.com/show_bug.cgi?id=1161522

https://bugzilla.suse.com/show_bug.cgi?id=1161523

https://bugzilla.suse.com/show_bug.cgi?id=1161549

https://bugzilla.suse.com/show_bug.cgi?id=1161552

https://bugzilla.suse.com/show_bug.cgi?id=1161674

https://bugzilla.suse.com/show_bug.cgi?id=1161702

https://bugzilla.suse.com/show_bug.cgi?id=1161875

https://bugzilla.suse.com/show_bug.cgi?id=1161907

https://bugzilla.suse.com/show_bug.cgi?id=1161931

https://bugzilla.suse.com/show_bug.cgi?id=1161933

https://bugzilla.suse.com/show_bug.cgi?id=1161934

https://bugzilla.suse.com/show_bug.cgi?id=1161935

https://bugzilla.suse.com/show_bug.cgi?id=1161936

https://bugzilla.suse.com/show_bug.cgi?id=1161937

https://bugzilla.suse.com/show_bug.cgi?id=1162028

https://bugzilla.suse.com/show_bug.cgi?id=1162067

https://bugzilla.suse.com/show_bug.cgi?id=1162109

https://bugzilla.suse.com/show_bug.cgi?id=1162139

https://bugzilla.suse.com/show_bug.cgi?id=1162171

https://bugzilla.suse.com/show_bug.cgi?id=1162557

https://bugzilla.suse.com/show_bug.cgi?id=1162617

https://bugzilla.suse.com/show_bug.cgi?id=1162618

https://bugzilla.suse.com/show_bug.cgi?id=1162619

https://bugzilla.suse.com/show_bug.cgi?id=1162623

https://bugzilla.suse.com/show_bug.cgi?id=1162928

https://bugzilla.suse.com/show_bug.cgi?id=1162943

https://bugzilla.suse.com/show_bug.cgi?id=1163206

https://bugzilla.suse.com/show_bug.cgi?id=1163383

https://bugzilla.suse.com/show_bug.cgi?id=1163384

https://bugzilla.suse.com/show_bug.cgi?id=1163762

https://bugzilla.suse.com/show_bug.cgi?id=1163774

https://bugzilla.suse.com/show_bug.cgi?id=1163836

https://bugzilla.suse.com/show_bug.cgi?id=1163840

https://bugzilla.suse.com/show_bug.cgi?id=1163841

https://bugzilla.suse.com/show_bug.cgi?id=1163842

https://bugzilla.suse.com/show_bug.cgi?id=1163843

https://bugzilla.suse.com/show_bug.cgi?id=1163844

https://bugzilla.suse.com/show_bug.cgi?id=1163845

https://bugzilla.suse.com/show_bug.cgi?id=1163846

https://bugzilla.suse.com/show_bug.cgi?id=1163849

https://bugzilla.suse.com/show_bug.cgi?id=1163850

https://bugzilla.suse.com/show_bug.cgi?id=1163851

https://bugzilla.suse.com/show_bug.cgi?id=1163852

https://bugzilla.suse.com/show_bug.cgi?id=1163853

https://bugzilla.suse.com/show_bug.cgi?id=1163855

https://bugzilla.suse.com/show_bug.cgi?id=1163856

https://bugzilla.suse.com/show_bug.cgi?id=1163857

https://bugzilla.suse.com/show_bug.cgi?id=1163858

https://bugzilla.suse.com/show_bug.cgi?id=1163859

https://bugzilla.suse.com/show_bug.cgi?id=1163860

https://bugzilla.suse.com/show_bug.cgi?id=1163861

https://bugzilla.suse.com/show_bug.cgi?id=1163862

https://bugzilla.suse.com/show_bug.cgi?id=1163863

https://bugzilla.suse.com/show_bug.cgi?id=1163867

https://bugzilla.suse.com/show_bug.cgi?id=1163869

https://bugzilla.suse.com/show_bug.cgi?id=1163880

https://bugzilla.suse.com/show_bug.cgi?id=1163971

https://bugzilla.suse.com/show_bug.cgi?id=1164051

https://bugzilla.suse.com/show_bug.cgi?id=1164069

https://bugzilla.suse.com/show_bug.cgi?id=1164098

https://bugzilla.suse.com/show_bug.cgi?id=1164115

https://bugzilla.suse.com/show_bug.cgi?id=1164314

https://bugzilla.suse.com/show_bug.cgi?id=1164315

https://bugzilla.suse.com/show_bug.cgi?id=1164388

https://bugzilla.suse.com/show_bug.cgi?id=1164471

https://bugzilla.suse.com/show_bug.cgi?id=1164598

https://bugzilla.suse.com/show_bug.cgi?id=1164632

https://bugzilla.suse.com/show_bug.cgi?id=1164705

https://bugzilla.suse.com/show_bug.cgi?id=1164712

https://bugzilla.suse.com/show_bug.cgi?id=1164727

https://bugzilla.suse.com/show_bug.cgi?id=1164728

https://bugzilla.suse.com/show_bug.cgi?id=1164729

https://bugzilla.suse.com/show_bug.cgi?id=1164730

https://bugzilla.suse.com/show_bug.cgi?id=1164731

https://bugzilla.suse.com/show_bug.cgi?id=1164732

https://bugzilla.suse.com/show_bug.cgi?id=1164733

https://bugzilla.suse.com/show_bug.cgi?id=1164734

https://bugzilla.suse.com/show_bug.cgi?id=1164735

https://www.suse.com/security/cve/CVE-2019-14615/

https://www.suse.com/security/cve/CVE-2019-14896/

https://www.suse.com/security/cve/CVE-2019-14897/

https://www.suse.com/security/cve/CVE-2019-16994/

https://www.suse.com/security/cve/CVE-2019-19036/

https://www.suse.com/security/cve/CVE-2019-19045/

https://www.suse.com/security/cve/CVE-2019-19054/

https://www.suse.com/security/cve/CVE-2019-19318/

https://www.suse.com/security/cve/CVE-2019-19927/

https://www.suse.com/security/cve/CVE-2019-19965/

https://www.suse.com/security/cve/CVE-2020-2732/

https://www.suse.com/security/cve/CVE-2020-7053/

https://www.suse.com/security/cve/CVE-2020-8428/

https://www.suse.com/security/cve/CVE-2020-8648/

https://www.suse.com/security/cve/CVE-2020-8992/

http://www.nessus.org/u?3ee0137c

Plugin Details

Severity: Critical

ID: 134287

File Name: suse_SU-2020-0558-1.nasl

Version: 1.2

Type: local

Agent: unix

Published: 2020/03/06

Updated: 2020/03/10

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-azure, p-cpe:/a:novell:suse_linux:kernel-azure-base, p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo, p-cpe:/a:novell:suse_linux:kernel-azure-debugsource, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-syms-azure, cpe:/o:novell:suse_linux:12

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 2020/03/02

Vulnerability Publication Date: 2019/09/30

Reference Information

CVE: CVE-2019-14615, CVE-2019-14896, CVE-2019-14897, CVE-2019-16994, CVE-2019-19036, CVE-2019-19045, CVE-2019-19054, CVE-2019-19318, CVE-2019-19927, CVE-2019-19965, CVE-2020-2732, CVE-2020-7053, CVE-2020-8428, CVE-2020-8648, CVE-2020-8992