Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.1.4.2020.3503.1 |
Category: | SuSE Local Security Checks |
Title: | SUSE: Security Advisory (SUSE-SU-2020:3503-1) |
Summary: | The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2020:3503-1 advisory. |
Description: | Summary: The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2020:3503-1 advisory. Vulnerability Insight: The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bug fixes. The following security bugs were fixed: CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software and services that rely on UDP source port randomization (like DNS) are indirectly affected as well. Kernel versions may be vulnerable to this issue (bsc#1175721, bsc#1178782). CVE-2020-25668: Fixed a use-after-free in con_font_op() (bsc#1178123). CVE-2020-25656: Fixed a concurrency use-after-free in vt_do_kdgkb_ioctl (bnc#1177766). CVE-2020-14351: Fixed a race in the perf_mmap_close() function (bsc#1177086). CVE-2020-8694: Restricted energy meter to root access (bsc#1170415). CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka 'BleedingTooth' (bsc#1177725). CVE-2020-25645: Fixed an issue which traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted (bsc#1177511). CVE-2020-14381: Fixed a use-after-free in the fast user mutex (futex) wait operation, which could have lead to memory corruption and possibly privilege escalation (bsc#1176011). CVE-2020-25212: Fixed A TOCTOU mismatch in the NFS client code which could have been used by local attackers to corrupt memory (bsc#1176381). CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory corruption or a denial of service when changing screen size (bnc#1176235). CVE-2020-25643: Fixed a memory corruption and a read overflow which could have caused by improper input validation in the ppp_cp_parse_cr function (bsc#1177206). CVE-2020-25641: Fixed a zero-length biovec request issued by the block subsystem could have caused the kernel to enter an infinite loop, causing a denial of service (bsc#1177121). CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security mechanisms (bsc#1176990). CVE-2020-0432: Fixed an out of bounds write due to an integer overflow (bsc#1176721). CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check (bsc#1176722). CVE-2020-0427: Fixed an out of bounds read due to a use after free (bsc#1176725). CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause (bsc#1176423). CVE-2020-25284: Fixed an incomplete permission checking for access to rbd devices, which could have been leveraged by local attackers to map or unmap rbd block devices (bsc#1176482). CVE-2019-19063: ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'Linux Kernel' package(s) on HPE Helion Openstack 8, SUSE Enterprise Storage 5, SUSE Linux Enterprise High Availability 12-SP3, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:C |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-6133 BugTraq ID: 106537 http://www.securityfocus.com/bid/106537 https://bugs.chromium.org/p/project-zero/issues/detail?id=1692 https://git.kernel.org/linus/7b55851367136b1efd84d98fea81ba57a98304cf https://gitlab.freedesktop.org/polkit/polkit/commit/c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81 https://gitlab.freedesktop.org/polkit/polkit/merge_requests/19 https://lists.debian.org/debian-lts-announce/2019/01/msg00021.html https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html RedHat Security Advisories: RHSA-2019:0230 https://access.redhat.com/errata/RHSA-2019:0230 RedHat Security Advisories: RHSA-2019:0420 https://access.redhat.com/errata/RHSA-2019:0420 RedHat Security Advisories: RHSA-2019:0832 https://access.redhat.com/errata/RHSA-2019:0832 RedHat Security Advisories: RHSA-2019:2699 https://access.redhat.com/errata/RHSA-2019:2699 RedHat Security Advisories: RHSA-2019:2978 https://access.redhat.com/errata/RHSA-2019:2978 SuSE Security Announcement: openSUSE-SU-2019:1914 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00049.html https://usn.ubuntu.com/3901-1/ https://usn.ubuntu.com/3901-2/ https://usn.ubuntu.com/3903-1/ https://usn.ubuntu.com/3903-2/ https://usn.ubuntu.com/3908-1/ https://usn.ubuntu.com/3908-2/ https://usn.ubuntu.com/3910-1/ https://usn.ubuntu.com/3910-2/ https://usn.ubuntu.com/3934-1/ https://usn.ubuntu.com/3934-2/ Common Vulnerability Exposure (CVE) ID: CVE-2020-0404 https://source.android.com/security/bulletin/2020-09-01 SuSE Security Announcement: openSUSE-SU-2020:1586 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html SuSE Security Announcement: openSUSE-SU-2020:1655 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html Common Vulnerability Exposure (CVE) ID: CVE-2020-0427 http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html https://source.android.com/security/bulletin/pixel/2020-09-01 https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html Common Vulnerability Exposure (CVE) ID: CVE-2020-0431 Common Vulnerability Exposure (CVE) ID: CVE-2020-0432 Common Vulnerability Exposure (CVE) ID: CVE-2020-8694 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389 https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html |
Copyright | Copyright (C) 2021 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |