SB2019101101 - OpenSUSE Linux update for the Linux Kernel

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019101101

SB2019101101 - OpenSUSE Linux update for the Linux Kernel

Published: October 11, 2019

Security Bulletin ID SB2019101101
Severity
Low
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Double Free (CVE-ID: CVE-2017-18595)

The vulnerability allows a local user to escalate privileges in the system.

The vulnerability exists due to a boundary error within the allocate_trace_buffer() function in the kernel/trace/trace.c. A local user can run a specially crafted application to trigger a double free error and execute arbitrary code on the target system with elevated privileges.


2) Out-of-bounds write (CVE-ID: CVE-2019-14821)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the KVM coalesced MMIO support functionality due to incorrect processing of shared indexes. A local user can run a specially crafted application to trigger an out-of-bounds write error and write data to arbitrary address in the kernel memory.

Successful vulnerability exploitation may allow an attacker to execute arbitrary code on the system with root privileges.


3) NULL pointer dereference (CVE-ID: CVE-2019-15291)

The vulnerability allows a local attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the "flexcop_usb_probe" function in the "drivers/media/usb/b2c2/flexcop-usb.c" driver. A local attacker with physical access can use a malicious USB device and perform a denial of service (DoS) attack.


4) Cryptographic issues (CVE-ID: CVE-2019-9506)

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to a weakness in Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) protocol core specification that allows an attacker with close proximity to the affected system to perform a man-in-the-middle attack on an encrypted Bluetooth connection.

Successful exploitation of the vulnerability may allow an attacker to gain access to sensitive information or perform unauthorized actions.


Remediation

Install update from vendor's website.

References