SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:0224-1)

high Nessus Plugin ID 121571

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.

This update brings following features :

Support for Enhanced-IBRS on new Intel CPUs (fate#326564)

The following security bugs were fixed: CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).

CVE-2018-12232: In net/socket.c there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions.
fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash (bnc#1097593).

CVE-2018-14625: A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (bnc#1106615).

CVE-2018-16862: A security flaw was found in the way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).

CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).

CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).

CVE-2018-18397: The userfaultfd implementation mishandled access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).

CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).

CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).

CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).

CVE-2018-19854: An issue was discovered in the crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs.
NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker did not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option) (bnc#1118428).

CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).

CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 15:zypper in -t patch SUSE-SLE-Product-WE-15-2019-224=1

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-224=1

SUSE Linux Enterprise Module for Live Patching 15:zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2019-224=1

SUSE Linux Enterprise Module for Legacy Software 15:zypper in -t patch SUSE-SLE-Module-Legacy-15-2019-224=1

SUSE Linux Enterprise Module for Development Tools 15:zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2019-224=1

SUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-224=1

SUSE Linux Enterprise High Availability 15:zypper in -t patch SUSE-SLE-Product-HA-15-2019-224=1

See Also

https://bugzilla.suse.com/show_bug.cgi?id=1024718

https://bugzilla.suse.com/show_bug.cgi?id=1046299

https://bugzilla.suse.com/show_bug.cgi?id=1050242

https://bugzilla.suse.com/show_bug.cgi?id=1050244

https://bugzilla.suse.com/show_bug.cgi?id=1051510

https://bugzilla.suse.com/show_bug.cgi?id=1055120

https://bugzilla.suse.com/show_bug.cgi?id=1085535

https://bugzilla.suse.com/show_bug.cgi?id=1086196

https://bugzilla.suse.com/show_bug.cgi?id=1086282

https://bugzilla.suse.com/show_bug.cgi?id=1086283

https://bugzilla.suse.com/show_bug.cgi?id=1086423

https://bugzilla.suse.com/show_bug.cgi?id=1087978

https://bugzilla.suse.com/show_bug.cgi?id=1088386

https://bugzilla.suse.com/show_bug.cgi?id=1089350

https://bugzilla.suse.com/show_bug.cgi?id=1090888

https://bugzilla.suse.com/show_bug.cgi?id=1091405

https://bugzilla.suse.com/show_bug.cgi?id=1091800

https://bugzilla.suse.com/show_bug.cgi?id=1094244

https://bugzilla.suse.com/show_bug.cgi?id=1097593

https://bugzilla.suse.com/show_bug.cgi?id=1097755

https://bugzilla.suse.com/show_bug.cgi?id=1100132

https://bugzilla.suse.com/show_bug.cgi?id=1102875

https://bugzilla.suse.com/show_bug.cgi?id=1102877

https://bugzilla.suse.com/show_bug.cgi?id=1102879

https://bugzilla.suse.com/show_bug.cgi?id=1102882

https://bugzilla.suse.com/show_bug.cgi?id=1102896

https://bugzilla.suse.com/show_bug.cgi?id=1103257

https://bugzilla.suse.com/show_bug.cgi?id=1103356

https://bugzilla.suse.com/show_bug.cgi?id=1103925

https://bugzilla.suse.com/show_bug.cgi?id=1104124

https://bugzilla.suse.com/show_bug.cgi?id=1104353

https://bugzilla.suse.com/show_bug.cgi?id=1104427

https://bugzilla.suse.com/show_bug.cgi?id=1104824

https://bugzilla.suse.com/show_bug.cgi?id=1104967

https://bugzilla.suse.com/show_bug.cgi?id=1105168

https://bugzilla.suse.com/show_bug.cgi?id=1105428

https://bugzilla.suse.com/show_bug.cgi?id=1106105

https://bugzilla.suse.com/show_bug.cgi?id=1106110

https://bugzilla.suse.com/show_bug.cgi?id=1106237

https://bugzilla.suse.com/show_bug.cgi?id=1106240

https://bugzilla.suse.com/show_bug.cgi?id=1106615

https://bugzilla.suse.com/show_bug.cgi?id=1117792

https://bugzilla.suse.com/show_bug.cgi?id=1117794

https://bugzilla.suse.com/show_bug.cgi?id=1117795

https://bugzilla.suse.com/show_bug.cgi?id=1117796

https://bugzilla.suse.com/show_bug.cgi?id=1117798

https://bugzilla.suse.com/show_bug.cgi?id=1117799

https://bugzilla.suse.com/show_bug.cgi?id=1117801

https://bugzilla.suse.com/show_bug.cgi?id=1117802

https://bugzilla.suse.com/show_bug.cgi?id=1117803

https://bugzilla.suse.com/show_bug.cgi?id=1117804

https://bugzilla.suse.com/show_bug.cgi?id=1117805

https://bugzilla.suse.com/show_bug.cgi?id=1117806

https://bugzilla.suse.com/show_bug.cgi?id=1117807

https://bugzilla.suse.com/show_bug.cgi?id=1117808

https://bugzilla.suse.com/show_bug.cgi?id=1117815

https://bugzilla.suse.com/show_bug.cgi?id=1117816

https://bugzilla.suse.com/show_bug.cgi?id=1117817

https://bugzilla.suse.com/show_bug.cgi?id=1117818

https://bugzilla.suse.com/show_bug.cgi?id=1117819

https://bugzilla.suse.com/show_bug.cgi?id=1117820

https://bugzilla.suse.com/show_bug.cgi?id=1117821

https://bugzilla.suse.com/show_bug.cgi?id=1117822

https://bugzilla.suse.com/show_bug.cgi?id=1117953

https://bugzilla.suse.com/show_bug.cgi?id=1118102

https://bugzilla.suse.com/show_bug.cgi?id=1118136

https://bugzilla.suse.com/show_bug.cgi?id=1118137

https://bugzilla.suse.com/show_bug.cgi?id=1118138

https://bugzilla.suse.com/show_bug.cgi?id=1118140

https://bugzilla.suse.com/show_bug.cgi?id=1118152

https://bugzilla.suse.com/show_bug.cgi?id=1118215

https://bugzilla.suse.com/show_bug.cgi?id=1118316

https://bugzilla.suse.com/show_bug.cgi?id=1118319

https://bugzilla.suse.com/show_bug.cgi?id=1118428

https://bugzilla.suse.com/show_bug.cgi?id=1118484

https://bugzilla.suse.com/show_bug.cgi?id=1118505

https://bugzilla.suse.com/show_bug.cgi?id=1118752

https://bugzilla.suse.com/show_bug.cgi?id=1118760

https://bugzilla.suse.com/show_bug.cgi?id=1118761

https://bugzilla.suse.com/show_bug.cgi?id=1118762

https://bugzilla.suse.com/show_bug.cgi?id=1118766

https://bugzilla.suse.com/show_bug.cgi?id=1118767

https://bugzilla.suse.com/show_bug.cgi?id=1118768

https://bugzilla.suse.com/show_bug.cgi?id=1118769

https://bugzilla.suse.com/show_bug.cgi?id=1118771

https://bugzilla.suse.com/show_bug.cgi?id=1118772

https://bugzilla.suse.com/show_bug.cgi?id=1118773

https://bugzilla.suse.com/show_bug.cgi?id=1118774

https://bugzilla.suse.com/show_bug.cgi?id=1118775

https://bugzilla.suse.com/show_bug.cgi?id=1118798

https://bugzilla.suse.com/show_bug.cgi?id=1118809

https://bugzilla.suse.com/show_bug.cgi?id=1118962

https://bugzilla.suse.com/show_bug.cgi?id=1119017

https://bugzilla.suse.com/show_bug.cgi?id=1119086

https://bugzilla.suse.com/show_bug.cgi?id=1055121

https://bugzilla.suse.com/show_bug.cgi?id=1055186

https://bugzilla.suse.com/show_bug.cgi?id=1058115

https://bugzilla.suse.com/show_bug.cgi?id=1060463

https://bugzilla.suse.com/show_bug.cgi?id=1061840

https://bugzilla.suse.com/show_bug.cgi?id=1065600

https://bugzilla.suse.com/show_bug.cgi?id=1065729

https://bugzilla.suse.com/show_bug.cgi?id=1068273

https://bugzilla.suse.com/show_bug.cgi?id=1078248

https://bugzilla.suse.com/show_bug.cgi?id=1079935

https://bugzilla.suse.com/show_bug.cgi?id=1082387

https://bugzilla.suse.com/show_bug.cgi?id=1082555

https://bugzilla.suse.com/show_bug.cgi?id=1082653

https://bugzilla.suse.com/show_bug.cgi?id=1083647

https://bugzilla.suse.com/show_bug.cgi?id=1106913

https://bugzilla.suse.com/show_bug.cgi?id=1107256

https://bugzilla.suse.com/show_bug.cgi?id=1107385

https://bugzilla.suse.com/show_bug.cgi?id=1107866

https://bugzilla.suse.com/show_bug.cgi?id=1108270

https://bugzilla.suse.com/show_bug.cgi?id=1108468

https://bugzilla.suse.com/show_bug.cgi?id=1109272

https://bugzilla.suse.com/show_bug.cgi?id=1109772

https://bugzilla.suse.com/show_bug.cgi?id=1109806

https://bugzilla.suse.com/show_bug.cgi?id=1110006

https://bugzilla.suse.com/show_bug.cgi?id=1110558

https://bugzilla.suse.com/show_bug.cgi?id=1110998

https://bugzilla.suse.com/show_bug.cgi?id=1111040

https://bugzilla.suse.com/show_bug.cgi?id=1111062

https://bugzilla.suse.com/show_bug.cgi?id=1111174

https://bugzilla.suse.com/show_bug.cgi?id=1111183

https://bugzilla.suse.com/show_bug.cgi?id=1111188

https://bugzilla.suse.com/show_bug.cgi?id=1111469

https://bugzilla.suse.com/show_bug.cgi?id=1111696

https://bugzilla.suse.com/show_bug.cgi?id=1111795

https://bugzilla.suse.com/show_bug.cgi?id=1111809

https://bugzilla.suse.com/show_bug.cgi?id=1111921

https://bugzilla.suse.com/show_bug.cgi?id=1112878

https://bugzilla.suse.com/show_bug.cgi?id=1112963

https://bugzilla.suse.com/show_bug.cgi?id=1113295

https://bugzilla.suse.com/show_bug.cgi?id=1113408

https://bugzilla.suse.com/show_bug.cgi?id=1113412

https://bugzilla.suse.com/show_bug.cgi?id=1113501

https://bugzilla.suse.com/show_bug.cgi?id=1113667

https://bugzilla.suse.com/show_bug.cgi?id=1113677

https://bugzilla.suse.com/show_bug.cgi?id=1113722

https://bugzilla.suse.com/show_bug.cgi?id=1113751

https://bugzilla.suse.com/show_bug.cgi?id=1113769

https://bugzilla.suse.com/show_bug.cgi?id=1113780

https://bugzilla.suse.com/show_bug.cgi?id=1113972

https://bugzilla.suse.com/show_bug.cgi?id=1114015

https://bugzilla.suse.com/show_bug.cgi?id=1114178

https://bugzilla.suse.com/show_bug.cgi?id=1114279

https://bugzilla.suse.com/show_bug.cgi?id=1114385

https://bugzilla.suse.com/show_bug.cgi?id=1114576

https://bugzilla.suse.com/show_bug.cgi?id=1114577

https://bugzilla.suse.com/show_bug.cgi?id=1114578

https://bugzilla.suse.com/show_bug.cgi?id=1114579

https://bugzilla.suse.com/show_bug.cgi?id=1114580

https://bugzilla.suse.com/show_bug.cgi?id=1114581

https://bugzilla.suse.com/show_bug.cgi?id=1114582

https://bugzilla.suse.com/show_bug.cgi?id=1114583

https://bugzilla.suse.com/show_bug.cgi?id=1114584

https://bugzilla.suse.com/show_bug.cgi?id=1114585

https://bugzilla.suse.com/show_bug.cgi?id=1114839

https://bugzilla.suse.com/show_bug.cgi?id=1114871

https://bugzilla.suse.com/show_bug.cgi?id=1115074

https://bugzilla.suse.com/show_bug.cgi?id=1115269

https://bugzilla.suse.com/show_bug.cgi?id=1115431

https://bugzilla.suse.com/show_bug.cgi?id=1115433

https://bugzilla.suse.com/show_bug.cgi?id=1115440

https://bugzilla.suse.com/show_bug.cgi?id=1115567

https://bugzilla.suse.com/show_bug.cgi?id=1115709

https://bugzilla.suse.com/show_bug.cgi?id=1115976

https://bugzilla.suse.com/show_bug.cgi?id=1116040

https://bugzilla.suse.com/show_bug.cgi?id=1116183

https://bugzilla.suse.com/show_bug.cgi?id=1116336

https://bugzilla.suse.com/show_bug.cgi?id=1116692

https://bugzilla.suse.com/show_bug.cgi?id=1116693

https://bugzilla.suse.com/show_bug.cgi?id=1116698

https://bugzilla.suse.com/show_bug.cgi?id=1116699

https://bugzilla.suse.com/show_bug.cgi?id=1116700

https://bugzilla.suse.com/show_bug.cgi?id=1116701

https://bugzilla.suse.com/show_bug.cgi?id=1116803

https://bugzilla.suse.com/show_bug.cgi?id=1116841

https://bugzilla.suse.com/show_bug.cgi?id=1116862

https://bugzilla.suse.com/show_bug.cgi?id=1116863

https://bugzilla.suse.com/show_bug.cgi?id=1116876

https://bugzilla.suse.com/show_bug.cgi?id=1116877

https://bugzilla.suse.com/show_bug.cgi?id=1116878

https://bugzilla.suse.com/show_bug.cgi?id=1116891

https://bugzilla.suse.com/show_bug.cgi?id=1116895

https://bugzilla.suse.com/show_bug.cgi?id=1116899

https://bugzilla.suse.com/show_bug.cgi?id=1116950

https://bugzilla.suse.com/show_bug.cgi?id=1117115

https://bugzilla.suse.com/show_bug.cgi?id=1117162

https://bugzilla.suse.com/show_bug.cgi?id=1117165

https://bugzilla.suse.com/show_bug.cgi?id=1117168

https://bugzilla.suse.com/show_bug.cgi?id=1117172

https://bugzilla.suse.com/show_bug.cgi?id=1117174

https://bugzilla.suse.com/show_bug.cgi?id=1117181

https://bugzilla.suse.com/show_bug.cgi?id=1117184

https://bugzilla.suse.com/show_bug.cgi?id=1117186

https://bugzilla.suse.com/show_bug.cgi?id=1117188

https://bugzilla.suse.com/show_bug.cgi?id=1117189

https://bugzilla.suse.com/show_bug.cgi?id=1117349

https://bugzilla.suse.com/show_bug.cgi?id=1117561

https://bugzilla.suse.com/show_bug.cgi?id=1117656

https://bugzilla.suse.com/show_bug.cgi?id=1117788

https://bugzilla.suse.com/show_bug.cgi?id=1117789

https://bugzilla.suse.com/show_bug.cgi?id=1117790

https://bugzilla.suse.com/show_bug.cgi?id=1117791

https://bugzilla.suse.com/show_bug.cgi?id=1120598

https://bugzilla.suse.com/show_bug.cgi?id=1120600

https://bugzilla.suse.com/show_bug.cgi?id=1120601

https://bugzilla.suse.com/show_bug.cgi?id=1120602

https://bugzilla.suse.com/show_bug.cgi?id=1120603

https://bugzilla.suse.com/show_bug.cgi?id=1120604

https://bugzilla.suse.com/show_bug.cgi?id=1120606

https://bugzilla.suse.com/show_bug.cgi?id=1120612

https://bugzilla.suse.com/show_bug.cgi?id=1119212

https://bugzilla.suse.com/show_bug.cgi?id=1119322

https://bugzilla.suse.com/show_bug.cgi?id=1119410

https://bugzilla.suse.com/show_bug.cgi?id=1119714

https://bugzilla.suse.com/show_bug.cgi?id=1119749

https://bugzilla.suse.com/show_bug.cgi?id=1119804

https://bugzilla.suse.com/show_bug.cgi?id=1119946

https://bugzilla.suse.com/show_bug.cgi?id=1119962

https://bugzilla.suse.com/show_bug.cgi?id=1119968

https://bugzilla.suse.com/show_bug.cgi?id=1120036

https://bugzilla.suse.com/show_bug.cgi?id=1120046

https://bugzilla.suse.com/show_bug.cgi?id=1120053

https://bugzilla.suse.com/show_bug.cgi?id=1120054

https://bugzilla.suse.com/show_bug.cgi?id=1120055

https://bugzilla.suse.com/show_bug.cgi?id=1120058

https://bugzilla.suse.com/show_bug.cgi?id=1120088

https://bugzilla.suse.com/show_bug.cgi?id=1120092

https://bugzilla.suse.com/show_bug.cgi?id=1120094

https://bugzilla.suse.com/show_bug.cgi?id=1120096

https://bugzilla.suse.com/show_bug.cgi?id=1120097

https://bugzilla.suse.com/show_bug.cgi?id=1120173

https://bugzilla.suse.com/show_bug.cgi?id=1120214

https://bugzilla.suse.com/show_bug.cgi?id=1120223

https://bugzilla.suse.com/show_bug.cgi?id=1120228

https://bugzilla.suse.com/show_bug.cgi?id=1120230

https://bugzilla.suse.com/show_bug.cgi?id=1120232

https://bugzilla.suse.com/show_bug.cgi?id=1120234

https://bugzilla.suse.com/show_bug.cgi?id=1120235

https://bugzilla.suse.com/show_bug.cgi?id=1120238

https://bugzilla.suse.com/show_bug.cgi?id=1120594

https://bugzilla.suse.com/show_bug.cgi?id=1120613

https://bugzilla.suse.com/show_bug.cgi?id=1120614

https://bugzilla.suse.com/show_bug.cgi?id=1120615

https://bugzilla.suse.com/show_bug.cgi?id=1120616

https://bugzilla.suse.com/show_bug.cgi?id=1120617

https://bugzilla.suse.com/show_bug.cgi?id=1120618

https://bugzilla.suse.com/show_bug.cgi?id=1120620

https://bugzilla.suse.com/show_bug.cgi?id=1120621

https://bugzilla.suse.com/show_bug.cgi?id=1120632

https://bugzilla.suse.com/show_bug.cgi?id=1120633

https://bugzilla.suse.com/show_bug.cgi?id=1120743

https://bugzilla.suse.com/show_bug.cgi?id=1120954

https://bugzilla.suse.com/show_bug.cgi?id=1121017

https://bugzilla.suse.com/show_bug.cgi?id=1121058

https://bugzilla.suse.com/show_bug.cgi?id=1121263

https://bugzilla.suse.com/show_bug.cgi?id=1121273

https://bugzilla.suse.com/show_bug.cgi?id=1121477

https://bugzilla.suse.com/show_bug.cgi?id=1121483

https://bugzilla.suse.com/show_bug.cgi?id=1121599

https://bugzilla.suse.com/show_bug.cgi?id=1121621

https://bugzilla.suse.com/show_bug.cgi?id=1121714

https://bugzilla.suse.com/show_bug.cgi?id=1121715

https://bugzilla.suse.com/show_bug.cgi?id=1121973

https://www.suse.com/security/cve/CVE-2018-12232/

https://www.suse.com/security/cve/CVE-2018-14625/

https://www.suse.com/security/cve/CVE-2018-16862/

https://www.suse.com/security/cve/CVE-2018-16884/

https://www.suse.com/security/cve/CVE-2018-18281/

https://www.suse.com/security/cve/CVE-2018-18397/

https://www.suse.com/security/cve/CVE-2018-18710/

https://www.suse.com/security/cve/CVE-2018-19407/

https://www.suse.com/security/cve/CVE-2018-19824/

https://www.suse.com/security/cve/CVE-2018-19854/

https://www.suse.com/security/cve/CVE-2018-19985/

https://www.suse.com/security/cve/CVE-2018-20169/

https://www.suse.com/security/cve/CVE-2018-9568/

http://www.nessus.org/u?967f2743

Plugin Details

Severity: High

ID: 121571

File Name: suse_SU-2019-0224-1.nasl

Version: 1.5

Type: local

Agent: unix

Published: 2/4/2019

Updated: 5/24/2022

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2018-9568

CVSS v3

Risk Factor: High

Base Score: 8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2018-16884

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource, p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource, p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kernel-default-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kselftests-kmp-default, p-cpe:/a:novell:suse_linux:kernel-vanilla-base, p-cpe:/a:novell:suse_linux:kernel-default-debugsource, p-cpe:/a:novell:suse_linux:kselftests-kmp-default-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-syms, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-obs-qa, p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/1/2019

Vulnerability Publication Date: 3/15/2013

Reference Information

CVE: CVE-2013-2547, CVE-2018-10940, CVE-2018-12232, CVE-2018-14625, CVE-2018-16658, CVE-2018-16862, CVE-2018-16884, CVE-2018-18281, CVE-2018-18397, CVE-2018-18710, CVE-2018-19407, CVE-2018-19824, CVE-2018-19854, CVE-2018-19985, CVE-2018-20169, CVE-2018-9568

BID: 58382