| Revision Date: | 2020-12-01 | Version: | 1 |
| Title: | Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP1) (Important) |
| Description: |
This update for the Linux Kernel 4.12.14-197_15 fixes several issues.
The following security issues were fixed:
- CVE-2019-14896: A heap-based buffer overflow vulnerability was found in the Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP (bsc#1157157). - CVE-2019-14897: A stack-based buffer overflow was found in the Marvell WiFi chip driver. An attacker was able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA (bsc#1157155).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1103203
1160467
1160468
1172524
CVE-2019-14896
CVE-2019-14897
CVE-2020-12861
CVE-2020-12862
CVE-2020-12863
CVE-2020-12864
CVE-2020-12865
CVE-2020-12866
CVE-2020-12867
SUSE-SU-2020:3065-1
|
| Platform(s): | SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1
SUSE Linux Enterprise Module for Live Patching 15 SP1
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information
sane-backends-1.0.31-6.3 is installed
OR sane-backends-32bit-1.0.31-6.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
AND Package Information
kernel-livepatch-4_12_14-197_15-default-5-2 is installed
OR kernel-livepatch-SLE15-SP1_Update_4-5-2 is installed
|