logo
DATABASE RESOURCES PRICING ABOUT US

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2600-1)

Description

This update for the Linux Kernel 4.4.180-94_100 fixes several issues. The following security issues were fixed : CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host (bsc#1151021). CVE-2017-18379: Fixed an out of boundary access that happened in drivers/nvme/target/fc.c (bsc#1145604). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Related