Oval Definition:oval:org.opensuse.security:def:65872
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1) (Important)
Description:

This update for the Linux Kernel 4.12.14-195 fixes several issues.

The following security issue was fixed:

- CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host (bsc#1151021).
Family:unixClass:patch
Status:Reference(s):1044231
1051510
1051858
1056686
1060463
1065729
1103990
1103992
1104353
1104745
1109837
1111666
1111974
1112178
1112374
1113956
1114279
1114685
1119680
1127611
1133021
1134090
1136157
1141895
1144333
1146539
1149841
1151021
1156510
1157424
1158187
1159285
1160659
1161561
1161951
1162928
1162929
1162931
1164078
1164507
1165111
1165404
1165488
1165527
1165741
1165813
1165873
1165929
1165950
1165980
1165984
1165985
1166003
1166101
1166102
1166103
1166104
1166632
1166658
1166730
1166731
1166732
1166733
1166734
1166735
CVE-2019-14835
CVE-2019-19768
CVE-2020-8647
CVE-2020-8648
CVE-2020-8649
CVE-2020-9383
SUSE-SU-2020:0836-1
Platform(s):SUSE Linux Enterprise Module for Live Patching 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-195-default-6-16 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_0-6-16 is installed
    • BACK