Code injection

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tssinvalidateiobitmap mishandling causes a loss of synchronization between the I/O bitmaps ...

SUSE-SU-2020:1587-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which...

CVE-2020-13974

An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if kascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case...

MGASA-2020-0089 Updated kernel-linus packages fix security vulnerabilities

This update provides upstream 5.4.20, adding support for new hardware and features, and resolves at least the following security issues: In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This...

SUSE-SU-2019:3289-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 kernel-azure was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-19531: Fixed a use-after-free due to a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca bsc1158445. - CVE-2019-19543:...

SUSE-SU-2019:2613-1 Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2)

This update for the Linux Kernel 4.4.121-92101 fixes one issue. The following security issue was fixed: - CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest...

SUSE-SU-2019:2600-1 Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP3)

This update for the Linux Kernel 4.4.178-9491 fixes several issues. The following security issues were fixed: - CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2019-15920

An issue was discovered in the Linux kernel before 5.0.10. SMB2read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak...

SUSE-SU-2019:1768-1 Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP3)

This update for the Linux Kernel 4.4.180-9497 fixes one issue. The following security issue was fixed: - CVE-2019-11487: The Linux kernel allowed page-refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c,...

SUSE-SU-2019:1671-1 Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2)

This update for the Linux Kernel 4.4.121-92101 fixes several issues. The following security issues were fixed: - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless networ...

SUSE-SU-2019:1668-1 Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-6064107 fixes several issues. The following security issues were fixed: - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless...

SUSE-SU-2019:0726-1 Security update for the Linux Kernel (Live Patch 2 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-956 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expanddownwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP...

SUSE-SU-2019:0298-1 Security update for the Linux Kernel (Live Patch 0 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-9441 fixes one issue. The following security issue was fixed: - CVE-2018-16884: A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time could make bcsvcprocess use wrong back-channel I...

Security update for the Linux Kernel (important)

The openSUSE Leap 15.0 kernel was updated to 4.12.14-lp150.12.28.1 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-18281: The mremap syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate removes entries from the...

SUSE-SU-2018:3265-1 Security update for the Linux Kernel (Live Patch 38 for SLE 12)

This update for the Linux Kernel 3.12.61-52146 fixes several issues. The following security issues were fixed: - CVE-2018-14633: A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator i...

SUSE-SU-2018:3238-1 Security update for the Linux Kernel (Live Patch 29 for SLE 12)

This update for the Linux Kernel 3.12.61-52106 fixes several issues. The following security issues were fixed: - CVE-2018-17182: The vmacacheflushall function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free and possibly gain privileges via certain...

Important: kernel

Issue Overview: A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the...

SUSE-SU-2018:2961-1 Security update for the Linux Kernel (Live Patch 16 for SLE 12 SP3)

This update for the Linux Kernel 4.4.143-9447 fixes several issues. The following security issues were fixed: - CVE-2018-5390: Prevent very expensive calls to tcpcollapseofoqueue and tcppruneofoqueue for every incoming TCP packet which can lead to a denial of service bsc1102682. - CVE-2018-10938:...

SUSE-SU-2018:2938-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15)

This update for the Linux Kernel 4.12.14-256 fixes one issue. The following security issue was fixed: - CVE-2018-10938: It was found that a crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipsov4optptr function in net/ipv4/cipsoipv4.c...