[SUSE-SU-2019:0236-1] Security update for the Linux Kernel (Live Patch 0 for SLE 15)
Severity
Important
CVEs
1
Security update for the Linux Kernel (Live Patch 0 for SLE 15)
This update for the Linux Kernel 4.12.14-23 fixes one issue.
The following security issue was fixed:
- CVE-2018-16884: A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time could make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bsc#1119947).
- ID
- SUSE-SU-2019:0236-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2019/suse-su-20190236-1/
- Published
-
2019-02-05T12:56:58
(5 years ago) - Modified
-
2019-02-05T12:56:58
(5 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2019-1149
- ALAS2-2019-1149
- ELSA-2019-1873
- ELSA-2019-3517
- ELSA-2020-5841
- ELSA-2020-5845
- ELSA-2020-5866
- FEDORA-2019-20a89ca9af
- openSUSE-SU-2019:0065-1
- RHSA-2019:1873
- RHSA-2019:1891
- RHSA-2019:3309
- RHSA-2019:3517
- SSA:2019-030-01
- SUSE-SU-2019:0148-1
- SUSE-SU-2019:0150-1
- SUSE-SU-2019:0196-1
- SUSE-SU-2019:0222-1
- SUSE-SU-2019:0224-1
- SUSE-SU-2019:0298-1
- SUSE-SU-2019:0320-1
- SUSE-SU-2019:0326-1
- SUSE-SU-2019:0356-1
- SUSE-SU-2019:0439-1
- SUSE-SU-2019:0541-1
- SUSE-SU-2019:1289-1
- USN-3932-1
- USN-3932-2
- USN-3980-1
- USN-3980-2
- USN-3981-1
- USN-3981-2
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0236-1.json | |
Suse | URL for SUSE-SU-2019:0236-1 | https://www.suse.com/support/update/announcement/2019/suse-su-20190236-1/ | |
Suse | E-Mail link for SUSE-SU-2019:0236-1 | https://lists.suse.com/pipermail/sle-security-updates/2019-February/005082.html | |
Bugzilla | SUSE Bug 1119947 | https://bugzilla.suse.com/1119947 | |
CVE | SUSE CVE CVE-2018-16884 page | https://www.suse.com/security/cve/CVE-2018-16884/ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |