SUSE SLES12 Security Update : kernel (SUSE-SU-2020:0584-1)

Critical Nessus Plugin ID 134293

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed :

CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources (bsc#1163971).

CVE-2019-19338: There was an incomplete fix for an issue with Transactional Synchronisation Extensions in the KVM code (bsc#1158954).

CVE-2019-14615: An information disclosure vulnerability existed due to insufficient control flow in certain data structures for some Intel(R) Processors (bnc#1160195).

CVE-2019-14896: A heap overflow was found in the add_ie_rates() function of the Marvell Wifi Driver (bsc#1157157).

CVE-2019-14897: A stack overflow was found in the lbs_ibss_join_existing() function of the Marvell Wifi Driver (bsc#1157155).

CVE-2019-15213: A use-after-free bug caused by a malicious USB device was found in drivers/media/usb/dvb-usb/dvb-usb-init.c (bsc#1146544).

CVE-2019-16994: A memory leak existed in sit_init_net() in net/ipv6/sit.c which might have caused denial of service, aka CID-07f12b26e21a (bnc#1161523).

CVE-2019-18808: A memory leak in drivers/crypto/ccp/ccp-ops.c allowed attackers to cause a denial of service (memory consumption), aka CID-128c66429247 (bnc#1156259).

CVE-2019-19036: An issue discovered in btrfs_root_node in fs/btrfs/ctree.c allowed a NULL pointer dereference because rcu_dereference(root->node) can be zero (bnc#1157692).

CVE-2019-19045: A memory leak in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c allowed attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7 (bnc#1161522).

CVE-2019-19051: A memory leak in drivers/net/wimax/i2400m/op-rfkill.c allowed attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7 (bnc#1159024).

CVE-2019-19054: A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c allowed attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b (bnc#1161518).

CVE-2019-19066: A memory leak in drivers/scsi/bfa/bfad_attr.c allowed attackers to cause a denial of service (memory consumption), aka CID-0e62395da2bd (bnc#1157303).

CVE-2019-19318: Mounting a crafted btrfs image twice could have caused a use-after-free (bnc#1158026).

CVE-2019-19319: A slab-out-of-bounds write access could have occured when setxattr was called after mounting of a specially crafted ext4 image (bnc#1158021).

CVE-2019-19332: An out-of-bounds memory write issue was found in the way the KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could have used this flaw to crash the system (bnc#1158827).

CVE-2019-19447: Mounting a crafted ext4 filesystem image, performing some operations, and unmounting could have led to a use-after-free in fs/ext4/super.c (bnc#1158819).

CVE-2019-19523: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79 (bsc#1158823).

CVE-2019-19524: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9 (bsc#1158413).

CVE-2019-19525: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035 (bsc#1158417).

CVE-2019-19526: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098 (bsc#1158893).

CVE-2019-19527: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e (bsc#1158900).

CVE-2019-19528: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d (bsc#1158407).

CVE-2019-19529: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41 (bnc#1158381).

CVE-2019-19530: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef (bsc#1158410).

CVE-2019-19531: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca (bsc#1158445).

CVE-2019-19532: There were multiple out-of-bounds write bugs that can be caused by a malicious USB HID device, aka CID-d9d4b1e46d95 (bsc#1158824).

CVE-2019-19533: There was an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464 (bsc#1158834).

CVE-2019-19534: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29 (bsc#1158398).

CVE-2019-19535: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042 (bsc#1158903).

CVE-2019-19536: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0 (bsc#1158394).

CVE-2019-19537: There was a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka CID-303911cfc5b9 (bsc#1158904).

CVE-2019-19543: There was a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c (bnc#1158427).

CVE-2019-19767: There were multiple use-after-free errors in
__ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163 (bnc#1159297).

CVE-2019-19965: There was a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5 (bnc#1159911).

CVE-2019-19966: There was a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that could have caused a denial of service, aka CID-dea37a972655 (bnc#1159841).

CVE-2019-20054: There was a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e (bnc#1159910).

CVE-2019-20095: Several memory leaks were found in drivers/net/wireless/marvell/mwifiex/cfg80211.c, aka CID-003b686ace82 (bnc#1159909).

CVE-2019-20096: There was a memory leak in __feat_register_sp() in net/dccp/feat.c, aka CID-1d3ff0950e2b (bnc#1159908).

CVE-2020-7053: There was a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c (bnc#1160966).

CVE-2020-8428: There was a use-after-free bug in fs/namei.c, which allowed local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9 (bnc#1162109).

CVE-2020-8648: There was a use-after-free vulnerability in the n_tty_receive_buf_common function in drivers/tty/n_tty.c (bnc#1162928).

CVE-2020-8992: An issue was discovered in ext4_protect_reserved_inode in fs/ext4/block_validity.c that allowed attackers to cause a soft lockup via a crafted journal size (bnc#1164069).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch SUSE-SLE-WE-12-SP4-2020-584=1

SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t patch SUSE-SLE-SDK-12-SP4-2020-584=1

SUSE Linux Enterprise Server 12-SP4:zypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-584=1

SUSE Linux Enterprise Live Patching 12-SP4:zypper in -t patch SUSE-SLE-Live-Patching-12-SP4-2020-584=1

SUSE Linux Enterprise High Availability 12-SP4:zypper in -t patch SUSE-SLE-HA-12-SP4-2020-584=1

See Also

https://bugzilla.suse.com/show_bug.cgi?id=1046303

https://bugzilla.suse.com/show_bug.cgi?id=1050244

https://bugzilla.suse.com/show_bug.cgi?id=1051510

https://bugzilla.suse.com/show_bug.cgi?id=1051858

https://bugzilla.suse.com/show_bug.cgi?id=1061840

https://bugzilla.suse.com/show_bug.cgi?id=1065600

https://bugzilla.suse.com/show_bug.cgi?id=1065729

https://bugzilla.suse.com/show_bug.cgi?id=1071995

https://bugzilla.suse.com/show_bug.cgi?id=1083647

https://bugzilla.suse.com/show_bug.cgi?id=1085030

https://bugzilla.suse.com/show_bug.cgi?id=1086301

https://bugzilla.suse.com/show_bug.cgi?id=1086313

https://bugzilla.suse.com/show_bug.cgi?id=1086314

https://bugzilla.suse.com/show_bug.cgi?id=1088810

https://bugzilla.suse.com/show_bug.cgi?id=1090888

https://bugzilla.suse.com/show_bug.cgi?id=1104427

https://bugzilla.suse.com/show_bug.cgi?id=1105392

https://bugzilla.suse.com/show_bug.cgi?id=1111666

https://bugzilla.suse.com/show_bug.cgi?id=1112178

https://bugzilla.suse.com/show_bug.cgi?id=1112504

https://bugzilla.suse.com/show_bug.cgi?id=1114279

https://bugzilla.suse.com/show_bug.cgi?id=1115026

https://bugzilla.suse.com/show_bug.cgi?id=1118338

https://bugzilla.suse.com/show_bug.cgi?id=1120853

https://bugzilla.suse.com/show_bug.cgi?id=1123328

https://bugzilla.suse.com/show_bug.cgi?id=1127371

https://bugzilla.suse.com/show_bug.cgi?id=1133021

https://bugzilla.suse.com/show_bug.cgi?id=1133147

https://bugzilla.suse.com/show_bug.cgi?id=1134973

https://bugzilla.suse.com/show_bug.cgi?id=1140025

https://bugzilla.suse.com/show_bug.cgi?id=1141054

https://bugzilla.suse.com/show_bug.cgi?id=1142095

https://bugzilla.suse.com/show_bug.cgi?id=1143959

https://bugzilla.suse.com/show_bug.cgi?id=1144333

https://bugzilla.suse.com/show_bug.cgi?id=1146519

https://bugzilla.suse.com/show_bug.cgi?id=1146544

https://bugzilla.suse.com/show_bug.cgi?id=1151548

https://bugzilla.suse.com/show_bug.cgi?id=1151910

https://bugzilla.suse.com/show_bug.cgi?id=1151927

https://bugzilla.suse.com/show_bug.cgi?id=1152631

https://bugzilla.suse.com/show_bug.cgi?id=1153917

https://bugzilla.suse.com/show_bug.cgi?id=1154243

https://bugzilla.suse.com/show_bug.cgi?id=1155331

https://bugzilla.suse.com/show_bug.cgi?id=1155334

https://bugzilla.suse.com/show_bug.cgi?id=1155689

https://bugzilla.suse.com/show_bug.cgi?id=1156259

https://bugzilla.suse.com/show_bug.cgi?id=1156286

https://bugzilla.suse.com/show_bug.cgi?id=1156462

https://bugzilla.suse.com/show_bug.cgi?id=1157155

https://bugzilla.suse.com/show_bug.cgi?id=1157157

https://bugzilla.suse.com/show_bug.cgi?id=1157169

https://bugzilla.suse.com/show_bug.cgi?id=1157303

https://bugzilla.suse.com/show_bug.cgi?id=1157424

https://bugzilla.suse.com/show_bug.cgi?id=1157692

https://bugzilla.suse.com/show_bug.cgi?id=1157853

https://bugzilla.suse.com/show_bug.cgi?id=1157908

https://bugzilla.suse.com/show_bug.cgi?id=1157966

https://bugzilla.suse.com/show_bug.cgi?id=1158013

https://bugzilla.suse.com/show_bug.cgi?id=1158021

https://bugzilla.suse.com/show_bug.cgi?id=1158026

https://bugzilla.suse.com/show_bug.cgi?id=1158094

https://bugzilla.suse.com/show_bug.cgi?id=1158132

https://bugzilla.suse.com/show_bug.cgi?id=1158381

https://bugzilla.suse.com/show_bug.cgi?id=1158394

https://bugzilla.suse.com/show_bug.cgi?id=1158398

https://bugzilla.suse.com/show_bug.cgi?id=1158407

https://bugzilla.suse.com/show_bug.cgi?id=1158410

https://bugzilla.suse.com/show_bug.cgi?id=1158413

https://bugzilla.suse.com/show_bug.cgi?id=1158417

https://bugzilla.suse.com/show_bug.cgi?id=1158427

https://bugzilla.suse.com/show_bug.cgi?id=1158445

https://bugzilla.suse.com/show_bug.cgi?id=1158533

https://bugzilla.suse.com/show_bug.cgi?id=1158637

https://bugzilla.suse.com/show_bug.cgi?id=1158638

https://bugzilla.suse.com/show_bug.cgi?id=1158639

https://bugzilla.suse.com/show_bug.cgi?id=1158640

https://bugzilla.suse.com/show_bug.cgi?id=1158641

https://bugzilla.suse.com/show_bug.cgi?id=1158643

https://bugzilla.suse.com/show_bug.cgi?id=1158644

https://bugzilla.suse.com/show_bug.cgi?id=1158645

https://bugzilla.suse.com/show_bug.cgi?id=1158646

https://bugzilla.suse.com/show_bug.cgi?id=1158647

https://bugzilla.suse.com/show_bug.cgi?id=1158649

https://bugzilla.suse.com/show_bug.cgi?id=1158651

https://bugzilla.suse.com/show_bug.cgi?id=1158652

https://bugzilla.suse.com/show_bug.cgi?id=1158819

https://bugzilla.suse.com/show_bug.cgi?id=1158823

https://bugzilla.suse.com/show_bug.cgi?id=1158824

https://bugzilla.suse.com/show_bug.cgi?id=1158827

https://bugzilla.suse.com/show_bug.cgi?id=1158834

https://bugzilla.suse.com/show_bug.cgi?id=1158893

https://bugzilla.suse.com/show_bug.cgi?id=1158900

https://bugzilla.suse.com/show_bug.cgi?id=1158903

https://bugzilla.suse.com/show_bug.cgi?id=1158904

https://bugzilla.suse.com/show_bug.cgi?id=1158954

https://bugzilla.suse.com/show_bug.cgi?id=1159024

https://bugzilla.suse.com/show_bug.cgi?id=1159028

https://bugzilla.suse.com/show_bug.cgi?id=1159271

https://bugzilla.suse.com/show_bug.cgi?id=1159297

https://bugzilla.suse.com/show_bug.cgi?id=1159394

https://bugzilla.suse.com/show_bug.cgi?id=1159483

https://bugzilla.suse.com/show_bug.cgi?id=1159484

https://bugzilla.suse.com/show_bug.cgi?id=1159569

https://bugzilla.suse.com/show_bug.cgi?id=1159588

https://bugzilla.suse.com/show_bug.cgi?id=1159841

https://bugzilla.suse.com/show_bug.cgi?id=1159908

https://bugzilla.suse.com/show_bug.cgi?id=1159909

https://bugzilla.suse.com/show_bug.cgi?id=1159910

https://bugzilla.suse.com/show_bug.cgi?id=1159911

https://bugzilla.suse.com/show_bug.cgi?id=1159955

https://bugzilla.suse.com/show_bug.cgi?id=1160195

https://bugzilla.suse.com/show_bug.cgi?id=1160210

https://bugzilla.suse.com/show_bug.cgi?id=1160211

https://bugzilla.suse.com/show_bug.cgi?id=1160218

https://bugzilla.suse.com/show_bug.cgi?id=1160433

https://bugzilla.suse.com/show_bug.cgi?id=1160442

https://bugzilla.suse.com/show_bug.cgi?id=1160476

https://bugzilla.suse.com/show_bug.cgi?id=1160560

https://bugzilla.suse.com/show_bug.cgi?id=1160755

https://bugzilla.suse.com/show_bug.cgi?id=1160756

https://bugzilla.suse.com/show_bug.cgi?id=1160784

https://bugzilla.suse.com/show_bug.cgi?id=1160787

https://bugzilla.suse.com/show_bug.cgi?id=1160802

https://bugzilla.suse.com/show_bug.cgi?id=1160803

https://bugzilla.suse.com/show_bug.cgi?id=1160804

https://bugzilla.suse.com/show_bug.cgi?id=1160917

https://bugzilla.suse.com/show_bug.cgi?id=1160966

https://bugzilla.suse.com/show_bug.cgi?id=1160979

https://bugzilla.suse.com/show_bug.cgi?id=1161087

https://bugzilla.suse.com/show_bug.cgi?id=1161360

https://bugzilla.suse.com/show_bug.cgi?id=1161514

https://bugzilla.suse.com/show_bug.cgi?id=1161518

https://bugzilla.suse.com/show_bug.cgi?id=1161522

https://bugzilla.suse.com/show_bug.cgi?id=1161523

https://bugzilla.suse.com/show_bug.cgi?id=1161549

https://bugzilla.suse.com/show_bug.cgi?id=1161552

https://bugzilla.suse.com/show_bug.cgi?id=1161674

https://bugzilla.suse.com/show_bug.cgi?id=1161702

https://bugzilla.suse.com/show_bug.cgi?id=1161875

https://bugzilla.suse.com/show_bug.cgi?id=1161907

https://bugzilla.suse.com/show_bug.cgi?id=1161931

https://bugzilla.suse.com/show_bug.cgi?id=1161933

https://bugzilla.suse.com/show_bug.cgi?id=1161934

https://bugzilla.suse.com/show_bug.cgi?id=1161935

https://bugzilla.suse.com/show_bug.cgi?id=1161936

https://bugzilla.suse.com/show_bug.cgi?id=1161937

https://bugzilla.suse.com/show_bug.cgi?id=1162028

https://bugzilla.suse.com/show_bug.cgi?id=1162067

https://bugzilla.suse.com/show_bug.cgi?id=1162109

https://bugzilla.suse.com/show_bug.cgi?id=1162139

https://bugzilla.suse.com/show_bug.cgi?id=1162557

https://bugzilla.suse.com/show_bug.cgi?id=1162617

https://bugzilla.suse.com/show_bug.cgi?id=1162618

https://bugzilla.suse.com/show_bug.cgi?id=1162619

https://bugzilla.suse.com/show_bug.cgi?id=1162623

https://bugzilla.suse.com/show_bug.cgi?id=1162928

https://bugzilla.suse.com/show_bug.cgi?id=1162943

https://bugzilla.suse.com/show_bug.cgi?id=1163383

https://bugzilla.suse.com/show_bug.cgi?id=1163384

https://bugzilla.suse.com/show_bug.cgi?id=1163762

https://bugzilla.suse.com/show_bug.cgi?id=1163774

https://bugzilla.suse.com/show_bug.cgi?id=1163836

https://bugzilla.suse.com/show_bug.cgi?id=1163840

https://bugzilla.suse.com/show_bug.cgi?id=1163841

https://bugzilla.suse.com/show_bug.cgi?id=1163842

https://bugzilla.suse.com/show_bug.cgi?id=1163843

https://bugzilla.suse.com/show_bug.cgi?id=1163844

https://bugzilla.suse.com/show_bug.cgi?id=1163845

https://bugzilla.suse.com/show_bug.cgi?id=1163846

https://bugzilla.suse.com/show_bug.cgi?id=1163849

https://bugzilla.suse.com/show_bug.cgi?id=1163850

https://bugzilla.suse.com/show_bug.cgi?id=1163851

https://bugzilla.suse.com/show_bug.cgi?id=1163852

https://bugzilla.suse.com/show_bug.cgi?id=1163853

https://bugzilla.suse.com/show_bug.cgi?id=1163855

https://bugzilla.suse.com/show_bug.cgi?id=1163856

https://bugzilla.suse.com/show_bug.cgi?id=1163857

https://bugzilla.suse.com/show_bug.cgi?id=1163858

https://bugzilla.suse.com/show_bug.cgi?id=1163859

https://bugzilla.suse.com/show_bug.cgi?id=1163860

https://bugzilla.suse.com/show_bug.cgi?id=1163861

https://bugzilla.suse.com/show_bug.cgi?id=1163862

https://bugzilla.suse.com/show_bug.cgi?id=1163863

https://bugzilla.suse.com/show_bug.cgi?id=1163867

https://bugzilla.suse.com/show_bug.cgi?id=1163869

https://bugzilla.suse.com/show_bug.cgi?id=1163880

https://bugzilla.suse.com/show_bug.cgi?id=1163971

https://bugzilla.suse.com/show_bug.cgi?id=1164069

https://bugzilla.suse.com/show_bug.cgi?id=1164098

https://bugzilla.suse.com/show_bug.cgi?id=1164115

https://bugzilla.suse.com/show_bug.cgi?id=1164314

https://bugzilla.suse.com/show_bug.cgi?id=1164315

https://bugzilla.suse.com/show_bug.cgi?id=1164388

https://bugzilla.suse.com/show_bug.cgi?id=1164471

https://bugzilla.suse.com/show_bug.cgi?id=1164632

https://bugzilla.suse.com/show_bug.cgi?id=1164705

https://bugzilla.suse.com/show_bug.cgi?id=1164712

https://bugzilla.suse.com/show_bug.cgi?id=1164727

https://bugzilla.suse.com/show_bug.cgi?id=1164728

https://bugzilla.suse.com/show_bug.cgi?id=1164729

https://bugzilla.suse.com/show_bug.cgi?id=1164730

https://bugzilla.suse.com/show_bug.cgi?id=1164731

https://bugzilla.suse.com/show_bug.cgi?id=1164732

https://bugzilla.suse.com/show_bug.cgi?id=1164733

https://bugzilla.suse.com/show_bug.cgi?id=1164734

https://bugzilla.suse.com/show_bug.cgi?id=1164735

https://www.suse.com/security/cve/CVE-2019-14615/

https://www.suse.com/security/cve/CVE-2019-14896/

https://www.suse.com/security/cve/CVE-2019-14897/

https://www.suse.com/security/cve/CVE-2019-15213/

https://www.suse.com/security/cve/CVE-2019-16994/

https://www.suse.com/security/cve/CVE-2019-18808/

https://www.suse.com/security/cve/CVE-2019-19036/

https://www.suse.com/security/cve/CVE-2019-19045/

https://www.suse.com/security/cve/CVE-2019-19051/

https://www.suse.com/security/cve/CVE-2019-19054/

https://www.suse.com/security/cve/CVE-2019-19066/

https://www.suse.com/security/cve/CVE-2019-19318/

https://www.suse.com/security/cve/CVE-2019-19319/

https://www.suse.com/security/cve/CVE-2019-19332/

https://www.suse.com/security/cve/CVE-2019-19338/

https://www.suse.com/security/cve/CVE-2019-19447/

https://www.suse.com/security/cve/CVE-2019-19523/

https://www.suse.com/security/cve/CVE-2019-19524/

https://www.suse.com/security/cve/CVE-2019-19525/

https://www.suse.com/security/cve/CVE-2019-19526/

https://www.suse.com/security/cve/CVE-2019-19527/

https://www.suse.com/security/cve/CVE-2019-19528/

https://www.suse.com/security/cve/CVE-2019-19529/

https://www.suse.com/security/cve/CVE-2019-19530/

https://www.suse.com/security/cve/CVE-2019-19531/

https://www.suse.com/security/cve/CVE-2019-19532/

https://www.suse.com/security/cve/CVE-2019-19533/

https://www.suse.com/security/cve/CVE-2019-19534/

https://www.suse.com/security/cve/CVE-2019-19535/

https://www.suse.com/security/cve/CVE-2019-19536/

https://www.suse.com/security/cve/CVE-2019-19537/

https://www.suse.com/security/cve/CVE-2019-19543/

https://www.suse.com/security/cve/CVE-2019-19767/

https://www.suse.com/security/cve/CVE-2019-19965/

https://www.suse.com/security/cve/CVE-2019-19966/

https://www.suse.com/security/cve/CVE-2019-20054/

https://www.suse.com/security/cve/CVE-2019-20095/

https://www.suse.com/security/cve/CVE-2019-20096/

https://www.suse.com/security/cve/CVE-2020-2732/

https://www.suse.com/security/cve/CVE-2020-7053/

https://www.suse.com/security/cve/CVE-2020-8428/

https://www.suse.com/security/cve/CVE-2020-8648/

https://www.suse.com/security/cve/CVE-2020-8992/

http://www.nessus.org/u?93a06234

Plugin Details

Severity: Critical

ID: 134293

File Name: suse_SU-2020-0584-1.nasl

Version: 1.2

Type: local

Agent: unix

Published: 2020/03/06

Updated: 2020/03/10

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debugsource, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kernel-syms, cpe:/o:novell:suse_linux:12

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 2020/03/04

Vulnerability Publication Date: 2019/08/19

Reference Information

CVE: CVE-2019-14615, CVE-2019-14896, CVE-2019-14897, CVE-2019-15213, CVE-2019-16994, CVE-2019-18808, CVE-2019-19036, CVE-2019-19045, CVE-2019-19051, CVE-2019-19054, CVE-2019-19066, CVE-2019-19318, CVE-2019-19319, CVE-2019-19332, CVE-2019-19338, CVE-2019-19447, CVE-2019-19523, CVE-2019-19524, CVE-2019-19525, CVE-2019-19526, CVE-2019-19527, CVE-2019-19528, CVE-2019-19529, CVE-2019-19530, CVE-2019-19531, CVE-2019-19532, CVE-2019-19533, CVE-2019-19534, CVE-2019-19535, CVE-2019-19536, CVE-2019-19537, CVE-2019-19543, CVE-2019-19767, CVE-2019-19965, CVE-2019-19966, CVE-2019-20054, CVE-2019-20095, CVE-2019-20096, CVE-2020-2732, CVE-2020-7053, CVE-2020-8428, CVE-2020-8648, CVE-2020-8992