Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2019:14127-1 Final 1 1 2019-07-18T15:53:32Z current 2019-07-18T15:53:32Z 2019-07-18T15:53:32Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-3459: A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel(bnc#1120758). - CVE-2019-3460: A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before (bnc#1120758). - CVE-2019-3896: A double-free could happen in idr_remove_all() in lib/idr.c in the Linux kernel. An unprivileged local attacker could use this flaw for a privilege escalation or for a system crash and a denial of service (DoS) (bnc#1138943). - CVE-2018-5390: The Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which could lead to a denial of service (bnc#1102340). - CVE-2018-20836: An issue was discovered in the Linux kernel There was a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free (bnc#1134395). - CVE-2019-12614: An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel There was an unchecked kstrdup of prop-name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash) (bnc#1137194). - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bnc#1136424 1136446). The following non-security bugs were fixed: - KEYS: do not let add_key() update an uninstantiated key (bnc#1063416). - fnic: Fix to cleanup aborted IO to avoid device being offlined by mid-layer (bsc#1134835). - signal: give SEND_SIG_FORCED more power to beat SIGNAL_UNKILLABLE (bsc#1135650). - signal: oom_kill_task: use SEND_SIG_FORCED instead of force_sig() (bsc#1135650). - tcp: a regression in the previous fix for the TCP SACK issue was fixed (bnc#1139751) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). slessp4-kernel-source-14127,slexsp3-kernel-source-14127 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2019/suse-su-201914127-1/ Link for SUSE-SU-2019:14127-1 https://lists.suse.com/pipermail/sle-security-updates/2019-July/005734.html E-Mail link for SUSE-SU-2019:14127-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1063416 SUSE Bug 1063416 https://bugzilla.suse.com/1090078 SUSE Bug 1090078 https://bugzilla.suse.com/1102340 SUSE Bug 1102340 https://bugzilla.suse.com/1120758 SUSE Bug 1120758 https://bugzilla.suse.com/1134395 SUSE Bug 1134395 https://bugzilla.suse.com/1134835 SUSE Bug 1134835 https://bugzilla.suse.com/1135650 SUSE Bug 1135650 https://bugzilla.suse.com/1136424 SUSE Bug 1136424 https://bugzilla.suse.com/1137194 SUSE Bug 1137194 https://bugzilla.suse.com/1138943 SUSE Bug 1138943 https://bugzilla.suse.com/1139751 SUSE Bug 1139751 https://www.suse.com/security/cve/CVE-2018-20836/ SUSE CVE CVE-2018-20836 page https://www.suse.com/security/cve/CVE-2018-5390/ SUSE CVE CVE-2018-5390 page https://www.suse.com/security/cve/CVE-2019-12614/ SUSE CVE CVE-2019-12614 page https://www.suse.com/security/cve/CVE-2019-3459/ SUSE CVE CVE-2019-3459 page https://www.suse.com/security/cve/CVE-2019-3460/ SUSE CVE CVE-2019-3460 page https://www.suse.com/security/cve/CVE-2019-3846/ SUSE CVE CVE-2019-3846 page https://www.suse.com/security/cve/CVE-2019-3896/ SUSE CVE CVE-2019-3896 page SUSE Linux Enterprise Server 11 SP4-LTSS kernel-bigmem-3.0.101-108.98.1 kernel-bigmem-base-3.0.101-108.98.1 kernel-bigmem-devel-3.0.101-108.98.1 kernel-default-3.0.101-108.98.1 kernel-default-base-3.0.101-108.98.1 kernel-default-devel-3.0.101-108.98.1 kernel-default-man-3.0.101-108.98.1 kernel-ec2-3.0.101-108.98.1 kernel-ec2-base-3.0.101-108.98.1 kernel-ec2-devel-3.0.101-108.98.1 kernel-pae-3.0.101-108.98.1 kernel-pae-base-3.0.101-108.98.1 kernel-pae-devel-3.0.101-108.98.1 kernel-ppc64-3.0.101-108.98.1 kernel-ppc64-base-3.0.101-108.98.1 kernel-ppc64-devel-3.0.101-108.98.1 kernel-source-3.0.101-108.98.1 kernel-syms-3.0.101-108.98.1 kernel-trace-3.0.101-108.98.1 kernel-trace-base-3.0.101-108.98.1 kernel-trace-devel-3.0.101-108.98.1 kernel-xen-3.0.101-108.98.1 kernel-xen-base-3.0.101-108.98.1 kernel-xen-devel-3.0.101-108.98.1 kernel-bigmem-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-bigmem-base-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-bigmem-devel-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-default-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-default-base-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-default-devel-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-default-man-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-ec2-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-ec2-base-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-ec2-devel-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-pae-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-pae-base-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-pae-devel-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-ppc64-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-ppc64-base-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-ppc64-devel-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-source-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-syms-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-trace-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-trace-base-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-trace-devel-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-xen-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-xen-base-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-xen-devel-3.0.101-108.98.1 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free. CVE-2018-20836 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.98.1 low 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C 6.2 CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201914127-1/ https://www.suse.com/security/cve/CVE-2018-20836.html CVE-2018-20836 https://bugzilla.suse.com/1134395 SUSE Bug 1134395 Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. CVE-2018-5390 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.98.1 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201914127-1/ https://www.suse.com/security/cve/CVE-2018-5390.html CVE-2018-5390 https://bugzilla.suse.com/1087082 SUSE Bug 1087082 https://bugzilla.suse.com/1102340 SUSE Bug 1102340 https://bugzilla.suse.com/1102682 SUSE Bug 1102682 https://bugzilla.suse.com/1103097 SUSE Bug 1103097 https://bugzilla.suse.com/1103098 SUSE Bug 1103098 https://bugzilla.suse.com/1156434 SUSE Bug 1156434 An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). CVE-2019-12614 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.98.1 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201914127-1/ https://www.suse.com/security/cve/CVE-2019-12614.html CVE-2019-12614 https://bugzilla.suse.com/1137194 SUSE Bug 1137194 A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1. CVE-2019-3459 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.98.1 moderate 3.3 AV:A/AC:L/Au:N/C:P/I:N/A:N 2.6 CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201914127-1/ https://www.suse.com/security/cve/CVE-2019-3459.html CVE-2019-3459 https://bugzilla.suse.com/1120758 SUSE Bug 1120758 A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1. CVE-2019-3460 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.98.1 moderate 3.3 AV:A/AC:L/Au:N/C:P/I:N/A:N 2.6 CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201914127-1/ https://www.suse.com/security/cve/CVE-2019-3460.html CVE-2019-3460 https://bugzilla.suse.com/1120758 SUSE Bug 1120758 https://bugzilla.suse.com/1155131 SUSE Bug 1155131 A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. CVE-2019-3846 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.98.1 moderate 8.3 AV:A/AC:L/Au:N/C:C/I:C/A:C 7.5 CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201914127-1/ https://www.suse.com/security/cve/CVE-2019-3846.html CVE-2019-3846 https://bugzilla.suse.com/1136424 SUSE Bug 1136424 https://bugzilla.suse.com/1136446 SUSE Bug 1136446 https://bugzilla.suse.com/1156330 SUSE Bug 1156330 A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS). CVE-2019-3896 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.98.1 SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.98.1 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C 7 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201914127-1/ https://www.suse.com/security/cve/CVE-2019-3896.html CVE-2019-3896 https://bugzilla.suse.com/1138943 SUSE Bug 1138943 https://bugzilla.suse.com/1156434 SUSE Bug 1156434 https://bugzilla.suse.com/1173987 SUSE Bug 1173987