Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2021.2846.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2021:2846-1)
Summary:The remote host is missing an update for the 'Linux Kernel (Live Patch 40 for SLE 12 SP3)' package(s) announced via the SUSE-SU-2021:2846-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Linux Kernel (Live Patch 40 for SLE 12 SP3)' package(s) announced via the SUSE-SU-2021:2846-1 advisory.

Vulnerability Insight:
This update for the Linux Kernel 4.4.180-94_147 fixes several issues.

The following security issues were fixed:

CVE-2021-37576: On the powerpc platform KVM guest OS users could cause
host OS memory corruption via rtas_args.nargs (bsc#1188838).

CVE-2021-28688: The fix for XSA-365 includes initialization of pointers
such that subsequent cleanup code wouldn't use uninitialized or stale
values. This initialization went too far and may under certain
conditions also overwrite pointers which are in need of cleaning up.
(bsc#1183646)

CVE-2020-0429: Fixed a potential local privilege escalation in
l2tp_session_delete and related functions of l2tp_core.c (bsc#1176724).

Affected Software/OS:
'Linux Kernel (Live Patch 40 for SLE 12 SP3)' package(s) on SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server for SAP 12-SP3.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-0429
https://source.android.com/security/bulletin/pixel/2020-09-01
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.