New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 8.4
Synopsis
The remote openSUSE host is missing a security update.
Description
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed :
- CVE-2020-14386: Fixed an overflow in tpacket_rcv in af_packet that could lead to a local privilege escalation ( bsc#1176069).
The following non-security bugs were fixed :
- bonding: check error value of register_netdevice() immediately (git-fixes).
- bonding: check return value of register_netdevice() in bond_newlink() (git-fixes).
- hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path (git-fixes).
- mlx4: disable device on shutdown (git-fixes).
- mlxsw: core: Free EMAD transactions using kfree_rcu() (git-fixes).
- mlxsw: core: Increase scope of RCU read-side critical section (git-fixes).
- mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo (bsc#1175691).
- net/mlx5: Fix a bug of using ptp channel index as pin index (git-fixes).
- net/mlx5e: Fix error path of device attach (git-fixes).
- net: dp83640: fix SIOCSHWTSTAMP to update the struct with actual configuration (git-fixes).
- net: smc91x: Fix possible memory leak in smc_drv_probe() (git-fixes).
- sched/deadline: Initialize ->dl_boosted (bsc#1112178).
- scsi: lpfc: Add and rename a whole bunch of function parameter descriptions (bsc#1171558 bsc#1136666).
- scsi: lpfc: Add description for lpfc_release_rpi()'s 'ndlpl param (bsc#1171558 bsc#1136666).
- scsi: lpfc: Add missing misc_deregister() for lpfc_init() (bsc#1171558 bsc#1136666).
- scsi: lpfc: Ensure variable has the same stipulations as code using it (bsc#1171558 bsc#1136666).
- scsi: lpfc: Fix FCoE speed reporting (bsc#1171558 bsc#1136666).
- scsi: lpfc: Fix LUN loss after cable pull (bsc#1171558 bsc#1136666).
- scsi: lpfc: Fix RSCN timeout due to incorrect gidft counter (bsc#1171558 bsc#1136666).
- scsi: lpfc: Fix a bunch of kerneldoc misdemeanors (bsc#1171558 bsc#1136666).
- scsi: lpfc: Fix kerneldoc parameter formatting/misnaming/missing issues (bsc#1171558 bsc#1136666).
- scsi: lpfc: Fix no message shown for lpfc_hdw_queue out of range value (bsc#1171558 bsc#1136666).
- scsi: lpfc: Fix oops when unloading driver while running mds diags (bsc#1171558 bsc#1136666).
- scsi: lpfc: Fix retry of PRLI when status indicates its unsupported (bsc#1171558 bsc#1136666).
- scsi: lpfc: Fix some function parameter descriptions (bsc#1171558 bsc#1136666).
- scsi: lpfc: Fix typo in comment for ULP (bsc#1171558 bsc#1136666).
- scsi: lpfc: Fix validation of bsg reply lengths (bsc#1171558 bsc#1136666).
- scsi: lpfc: Fix-up around 120 documentation issues (bsc#1171558 bsc#1136666).
- scsi: lpfc: Fix-up formatting/docrot where appropriate (bsc#1171558 bsc#1136666).
- scsi: lpfc: NVMe remote port devloss_tmo from lldd (bsc#1171558 bsc#1136666 bsc#1173060).
- scsi: lpfc: Provide description for lpfc_mem_alloc()'s 'align' param (bsc#1171558 bsc#1136666).
- scsi: lpfc: Quieten some printks (bsc#1171558 bsc#1136666).
- scsi: lpfc: Remove unused variable 'pg_addr' (bsc#1171558 bsc#1136666).
- scsi: lpfc: Update lpfc version to 12.8.0.3 (bsc#1171558 bsc#1136666).
- scsi: lpfc: Use __printf() format notation (bsc#1171558 bsc#1136666).
- scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport (bsc#1171558 bsc#1136666).
- vxlan: Ensure FDB dump is performed under RCU (git-fixes).
- x86/mce/inject: Fix a wrong assignment of i_mce.status (bsc#1112178).
- x86/unwind/orc: Fix ORC for newly forked tasks (bsc#1058115).
Solution
Update the affected the Linux Kernel packages.