Oval Definition:oval:org.opensuse.security:def:65870
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP1) (Important)
Description:

This update for the Linux Kernel 4.12.14-197_10 fixes several issues.

The following security issue was fixed:

- CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host (bsc#1151021).
Family:unixClass:patch
Status:Reference(s):1058115
1149841
1151021
1163592
1167030
1172873
1175306
1175721
1176855
1176907
1176983
1177703
1177819
1177820
1178123
1178393
1178589
1178622
1178686
1178765
1178782
927455
CVE-2019-14835
CVE-2020-25668
CVE-2020-25704
CVE-2020-25705
SUSE-SU-2020:3507-1
Platform(s):SUSE Linux Enterprise Module for Live Patching 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_10-default-2-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_3-2-2 is installed
    • BACK