[SUSE-SU-2019:3232-1] Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2)
Severity
Important
Affected Packages
2
CVEs
3
Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2)
This update for the Linux Kernel 4.4.121-92_101 fixes several issues.
The following security issues were fixed:
- CVE-2018-20856: Fixed a use-after-free in __blk_drain_queue() due to an improper error handling (bsc#1156331).
- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321).
- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).
Package | Affected Version |
---|---|
pkg:rpm/suse/kgraft-patch-4_4_121-92_101-default?arch=x86_64&distro=sles-12&sp=2 | < 7-2.5 |
pkg:rpm/suse/kgraft-patch-4_4_121-92_101-default?arch=ppc64le&distro=sles-12&sp=2 | < 7-2.5 |
- ID
- SUSE-SU-2019:3232-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2019/suse-su-20193232-1/
- Published
-
2019-12-10T09:17:52
(4 years ago) - Modified
-
2019-12-10T09:17:52
(4 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2018-1086
- ALAS-2019-1232
- ALAS2-2019-1232
- CISA-2021:1210
- DSA-4484-1
- DSA-4497-1
- ELSA-2019-2411
- ELSA-2019-3055
- ELSA-2019-4746
- ELSA-2020-5866
- ELSA-2021-9473
- FEDORA-2019-a95015e60f
- openSUSE-SU-2019:2503-1
- openSUSE-SU-2019:2507-1
- RHSA-2019:2405
- RHSA-2019:2411
- RHSA-2019:3055
- RHSA-2019:3076
- RHSA-2019:3089
- SSA:2019-202-01
- SSA:2019-226-01
- SUSE-SU-2019:2263-1
- SUSE-SU-2019:2299-1
- SUSE-SU-2019:2821-1
- SUSE-SU-2019:2829-1
- SUSE-SU-2019:2859-1
- SUSE-SU-2019:2864-1
- SUSE-SU-2019:2946-1
- SUSE-SU-2019:2947-1
- SUSE-SU-2019:2948-1
- SUSE-SU-2019:2949-1
- SUSE-SU-2019:2950-1
- SUSE-SU-2019:2951-1
- SUSE-SU-2019:2952-1
- SUSE-SU-2019:2953-1
- SUSE-SU-2019:2984-1
- SUSE-SU-2019:3019-1
- SUSE-SU-2019:3200-1
- SUSE-SU-2019:3215-1
- SUSE-SU-2019:3216-1
- SUSE-SU-2019:3223-1
- SUSE-SU-2019:3224-1
- SUSE-SU-2019:3225-1
- SUSE-SU-2019:3228-1
- SUSE-SU-2019:3230-1
- SUSE-SU-2019:3233-1
- SUSE-SU-2019:3246-1
- SUSE-SU-2019:3247-1
- SUSE-SU-2019:3248-1
- SUSE-SU-2019:3249-1
- SUSE-SU-2019:3252-1
- SUSE-SU-2019:3255-1
- SUSE-SU-2019:3258-1
- SUSE-SU-2019:3260-1
- SUSE-SU-2019:3261-1
- SUSE-SU-2019:3263-1
- SUSE-SU-2019:3294-1
- SUSE-SU-2019:3295-1
- SUSE-SU-2020:0093-1
- SUSE-SU-2020:0183-1
- USN-4093-1
- USN-4094-1
- USN-4095-1
- USN-4116-1
- USN-4117-1
- USN-4118-1
- USN-4226-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3232-1.json | |
Suse | URL for SUSE-SU-2019:3232-1 | https://www.suse.com/support/update/announcement/2019/suse-su-20193232-1/ | |
Suse | E-Mail link for SUSE-SU-2019:3232-1 | https://lists.suse.com/pipermail/sle-security-updates/2019-December/006227.html | |
Bugzilla | SUSE Bug 1153108 | https://bugzilla.suse.com/1153108 | |
Bugzilla | SUSE Bug 1156321 | https://bugzilla.suse.com/1156321 | |
Bugzilla | SUSE Bug 1156331 | https://bugzilla.suse.com/1156331 | |
CVE | SUSE CVE CVE-2018-20856 page | https://www.suse.com/security/cve/CVE-2018-20856/ | |
CVE | SUSE CVE CVE-2019-10220 page | https://www.suse.com/security/cve/CVE-2019-10220/ | |
CVE | SUSE CVE CVE-2019-13272 page | https://www.suse.com/security/cve/CVE-2019-13272/ |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/kgraft-patch-4_4_121-92_101-default?arch=x86_64&distro=sles-12&sp=2 | suse | kgraft-patch-4_4_121-92_101-default | < 7-2.5 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kgraft-patch-4_4_121-92_101-default?arch=ppc64le&distro=sles-12&sp=2 | suse | kgraft-patch-4_4_121-92_101-default | < 7-2.5 | sles-12 | ppc64le |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |