openSUSE Security Update : the Linux Kernel (openSUSE-2020-1379)

high Nessus Plugin ID 140442
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.


The remote openSUSE host is missing a security update.


The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed :

- CVE-2020-14386: Fixed an overflow in tpacket_rcv in af_packet that could lead to a local privilege escalation ( bsc#1176069).

The following non-security bugs were fixed :

- bonding: check error value of register_netdevice() immediately (git-fixes).

- bonding: check return value of register_netdevice() in bond_newlink() (git-fixes).

- hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path (git-fixes).

- mlx4: disable device on shutdown (git-fixes).

- mlxsw: core: Free EMAD transactions using kfree_rcu() (git-fixes).

- mlxsw: core: Increase scope of RCU read-side critical section (git-fixes).

- mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo (bsc#1175691).

- net/mlx5: Fix a bug of using ptp channel index as pin index (git-fixes).

- net/mlx5e: Fix error path of device attach (git-fixes).

- net: dp83640: fix SIOCSHWTSTAMP to update the struct with actual configuration (git-fixes).

- net: smc91x: Fix possible memory leak in smc_drv_probe() (git-fixes).

- sched/deadline: Initialize ->dl_boosted (bsc#1112178).

- scsi: lpfc: Add and rename a whole bunch of function parameter descriptions (bsc#1171558 bsc#1136666).

- scsi: lpfc: Add description for lpfc_release_rpi()'s 'ndlpl param (bsc#1171558 bsc#1136666).

- scsi: lpfc: Add missing misc_deregister() for lpfc_init() (bsc#1171558 bsc#1136666).

- scsi: lpfc: Ensure variable has the same stipulations as code using it (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix FCoE speed reporting (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix LUN loss after cable pull (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix RSCN timeout due to incorrect gidft counter (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix a bunch of kerneldoc misdemeanors (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix kerneldoc parameter formatting/misnaming/missing issues (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix no message shown for lpfc_hdw_queue out of range value (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix oops when unloading driver while running mds diags (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix retry of PRLI when status indicates its unsupported (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix some function parameter descriptions (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix typo in comment for ULP (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix validation of bsg reply lengths (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix-up around 120 documentation issues (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix-up formatting/docrot where appropriate (bsc#1171558 bsc#1136666).

- scsi: lpfc: NVMe remote port devloss_tmo from lldd (bsc#1171558 bsc#1136666 bsc#1173060).

- scsi: lpfc: Provide description for lpfc_mem_alloc()'s 'align' param (bsc#1171558 bsc#1136666).

- scsi: lpfc: Quieten some printks (bsc#1171558 bsc#1136666).

- scsi: lpfc: Remove unused variable 'pg_addr' (bsc#1171558 bsc#1136666).

- scsi: lpfc: Update lpfc version to (bsc#1171558 bsc#1136666).

- scsi: lpfc: Use __printf() format notation (bsc#1171558 bsc#1136666).

- scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport (bsc#1171558 bsc#1136666).

- vxlan: Ensure FDB dump is performed under RCU (git-fixes).

- x86/mce/inject: Fix a wrong assignment of i_mce.status (bsc#1112178).

- x86/unwind/orc: Fix ORC for newly forked tasks (bsc#1058115).


Update the affected the Linux Kernel packages.

See Also

Plugin Details

Severity: High

ID: 140442

File Name: openSUSE-2020-1379.nasl

Version: 1.4

Type: local

Agent: unix

Published: 9/9/2020

Updated: 9/29/2020

Dependencies: ssh_get_info.nasl

Risk Information

CVSS Score Source: CVE-2020-14386


Risk Factor: High

Score: 8.4


Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C


Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-docs-html, p-cpe:/a:novell:opensuse:kernel-kvmsmall, p-cpe:/a:novell:opensuse:kernel-kvmsmall-base, p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo, p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource, p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel, p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-macros, p-cpe:/a:novell:opensuse:kernel-obs-build, p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource, p-cpe:/a:novell:opensuse:kernel-obs-qa, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-base, p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo, cpe:/o:novell:opensuse:15.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 9/7/2020

Vulnerability Publication Date: 9/16/2020

Reference Information

CVE: CVE-2020-14386