Oval Definition:oval:org.opensuse.security:def:125143
Revision Date:2019-10-08Version:1
Title:Security update for the Linux Kernel (Live Patch 4 for SLE 12 SP4) (Important)
Description:

This update for the Linux Kernel 4.12.14-95_16 fixes several issues.

The following security issue was fixed:

- CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host (bsc#1151021).
Family:unixClass:patch
Status:Reference(s):1149841
1151021
CVE-2019-14835
Platform(s):SUSE Linux Enterprise Live Patching 12 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 SP4 is installed
  • AND kgraft-patch-4_12_14-95_16-default-4-2.1 is installed
  • BACK