Detections
Analytics
SUSE SLES11 Security Update : kernel (SUSE-SU-2019:13979-1)
high Nessus Plugin ID 122891
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.The following security bugs were fixed :
CVE-2016-10741: fs/xfs/xfs_aops.c allowed local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure (bnc#1114920 bnc#1124010).
CVE-2017-18360: In change_port_settings in drivers/usb/serial/io_ti.c local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates (bnc#1123706).
CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).
CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).
CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
CVE-2019-7222: A information leak in exception handling in KVM could be used to expose host memory to guests. (bnc#1124735).
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t patch sdksp4-kernel-20190225-13979=1
SUSE Linux Enterprise Server 11-SP4:zypper in -t patch slessp4-kernel-20190225-13979=1
SUSE Linux Enterprise Server 11-EXTRA:zypper in -t patch slexsp3-kernel-20190225-13979=1
SUSE Linux Enterprise Real Time Extension 11-SP4:zypper in -t patch slertesp4-kernel-20190225-13979=1
SUSE Linux Enterprise High Availability Extension 11-SP4:zypper in -t patch slehasp4-kernel-20190225-13979=1
SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch dbgsp4-kernel-20190225-13979=1
See Also
https://bugzilla.suse.com/show_bug.cgi?id=1012382
https://bugzilla.suse.com/show_bug.cgi?id=1031572
https://bugzilla.suse.com/show_bug.cgi?id=1068032
https://bugzilla.suse.com/show_bug.cgi?id=1086695
https://bugzilla.suse.com/show_bug.cgi?id=1087081
https://bugzilla.suse.com/show_bug.cgi?id=1094244
https://bugzilla.suse.com/show_bug.cgi?id=1098658
https://bugzilla.suse.com/show_bug.cgi?id=1104098
https://bugzilla.suse.com/show_bug.cgi?id=1104367
https://bugzilla.suse.com/show_bug.cgi?id=1104684
https://bugzilla.suse.com/show_bug.cgi?id=1104818
https://bugzilla.suse.com/show_bug.cgi?id=1105536
https://bugzilla.suse.com/show_bug.cgi?id=1106105
https://bugzilla.suse.com/show_bug.cgi?id=1106886
https://bugzilla.suse.com/show_bug.cgi?id=1107371
https://bugzilla.suse.com/show_bug.cgi?id=1109330
https://bugzilla.suse.com/show_bug.cgi?id=1109806
https://bugzilla.suse.com/show_bug.cgi?id=1110006
https://bugzilla.suse.com/show_bug.cgi?id=1112963
https://bugzilla.suse.com/show_bug.cgi?id=1113667
https://bugzilla.suse.com/show_bug.cgi?id=1114440
https://bugzilla.suse.com/show_bug.cgi?id=1114672
https://bugzilla.suse.com/show_bug.cgi?id=1114920
https://bugzilla.suse.com/show_bug.cgi?id=1115007
https://bugzilla.suse.com/show_bug.cgi?id=1115038
https://bugzilla.suse.com/show_bug.cgi?id=1115827
https://bugzilla.suse.com/show_bug.cgi?id=1115828
https://bugzilla.suse.com/show_bug.cgi?id=1115829
https://bugzilla.suse.com/show_bug.cgi?id=1115830
https://bugzilla.suse.com/show_bug.cgi?id=1115831
https://bugzilla.suse.com/show_bug.cgi?id=1115832
https://bugzilla.suse.com/show_bug.cgi?id=1115833
https://bugzilla.suse.com/show_bug.cgi?id=1115834
https://bugzilla.suse.com/show_bug.cgi?id=1115835
https://bugzilla.suse.com/show_bug.cgi?id=1115836
https://bugzilla.suse.com/show_bug.cgi?id=1115837
https://bugzilla.suse.com/show_bug.cgi?id=1115838
https://bugzilla.suse.com/show_bug.cgi?id=1115839
https://bugzilla.suse.com/show_bug.cgi?id=1115840
https://bugzilla.suse.com/show_bug.cgi?id=1115841
https://bugzilla.suse.com/show_bug.cgi?id=1115842
https://bugzilla.suse.com/show_bug.cgi?id=1115843
https://bugzilla.suse.com/show_bug.cgi?id=1115844
https://bugzilla.suse.com/show_bug.cgi?id=1116841
https://bugzilla.suse.com/show_bug.cgi?id=1117796
https://bugzilla.suse.com/show_bug.cgi?id=1117802
https://bugzilla.suse.com/show_bug.cgi?id=1117805
https://bugzilla.suse.com/show_bug.cgi?id=1117806
https://bugzilla.suse.com/show_bug.cgi?id=1117943
https://bugzilla.suse.com/show_bug.cgi?id=1118152
https://bugzilla.suse.com/show_bug.cgi?id=1118319
https://bugzilla.suse.com/show_bug.cgi?id=1118760
https://bugzilla.suse.com/show_bug.cgi?id=1119255
https://bugzilla.suse.com/show_bug.cgi?id=1119714
https://bugzilla.suse.com/show_bug.cgi?id=1120056
https://bugzilla.suse.com/show_bug.cgi?id=1120077
https://bugzilla.suse.com/show_bug.cgi?id=1120086
https://bugzilla.suse.com/show_bug.cgi?id=1120093
https://bugzilla.suse.com/show_bug.cgi?id=1120094
https://bugzilla.suse.com/show_bug.cgi?id=1120105
https://bugzilla.suse.com/show_bug.cgi?id=1120107
https://bugzilla.suse.com/show_bug.cgi?id=1120109
https://bugzilla.suse.com/show_bug.cgi?id=1120217
https://bugzilla.suse.com/show_bug.cgi?id=1120223
https://bugzilla.suse.com/show_bug.cgi?id=1120226
https://bugzilla.suse.com/show_bug.cgi?id=1120336
https://bugzilla.suse.com/show_bug.cgi?id=1120347
https://bugzilla.suse.com/show_bug.cgi?id=1120743
https://bugzilla.suse.com/show_bug.cgi?id=1120950
https://bugzilla.suse.com/show_bug.cgi?id=1121872
https://bugzilla.suse.com/show_bug.cgi?id=1121997
https://bugzilla.suse.com/show_bug.cgi?id=1122874
https://bugzilla.suse.com/show_bug.cgi?id=1123505
https://bugzilla.suse.com/show_bug.cgi?id=1123702
https://bugzilla.suse.com/show_bug.cgi?id=1123706
https://bugzilla.suse.com/show_bug.cgi?id=1124010
https://bugzilla.suse.com/show_bug.cgi?id=1124735
https://bugzilla.suse.com/show_bug.cgi?id=1125931
https://bugzilla.suse.com/show_bug.cgi?id=931850
https://bugzilla.suse.com/show_bug.cgi?id=969471
https://bugzilla.suse.com/show_bug.cgi?id=969473
https://www.suse.com/security/cve/CVE-2016-10741/
https://www.suse.com/security/cve/CVE-2017-18360/
https://www.suse.com/security/cve/CVE-2018-19407/
https://www.suse.com/security/cve/CVE-2018-19824/
https://www.suse.com/security/cve/CVE-2018-19985/
https://www.suse.com/security/cve/CVE-2018-20169/
https://www.suse.com/security/cve/CVE-2018-9568/
Plugin Details
Severity: High
ID: 122891
File Name: suse_SU-2019-13979-1.nasl
Version: 1.6
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 3/18/2019
Updated: 6/13/2024
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 5.6
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2018-9568
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-pae, p-cpe:/a:novell:suse_linux:kernel-ec2, p-cpe:/a:novell:suse_linux:kernel-xen-devel, p-cpe:/a:novell:suse_linux:kernel-xen-base, p-cpe:/a:novell:suse_linux:kernel-pae-base, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-trace-base, cpe:/o:novell:suse_linux:11, p-cpe:/a:novell:suse_linux:kernel-ec2-base, p-cpe:/a:novell:suse_linux:kernel-ec2-devel, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-trace, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-xen, p-cpe:/a:novell:suse_linux:kernel-trace-devel, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-pae-devel
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/15/2019
Vulnerability Publication Date: 11/21/2018
Reference Information
CVE: CVE-2016-10741, CVE-2017-18360, CVE-2018-19407, CVE-2018-19824, CVE-2018-19985, CVE-2018-20169, CVE-2018-9568, CVE-2019-7222