Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
openSUSE: Security Advisory for the (openSUSE-SU-2020:1153-1)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update for the 'the' package(s) announced via the openSUSE-SU-2020:1153-1 advisory.
Insight
Insight
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-16746: An issue was discovered in net/wireless/nl80211.c where it did not check the length of variable elements in a beacon head, leading to a buffer overflow (bnc#1152107 1173659). - CVE-2019-20810: go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c did not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586 (bnc#1172458). - CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c where Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032 (bnc#1173567). - CVE-2020-0305: In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1174462). - CVE-2020-10135: Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may have allowed an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key (bnc#1171988). - CVE-2020-10766: Fixed rogue cross-process SSBD shutdown. Linux scheduler logical bug allowed an attacker to turn off the SSBD protection. (bnc#1172781). - CVE-2020-10767: Fixed indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available. (bnc#1172782). - CVE-2020-10768: Fixed indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. (bnc#1172783). - CVE-2020-10769: A buffer over-read flaw was found in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allowed a local attacker with user privileges to cause a denial of service (bnc#1173265). - CVE-2020-10773: Fixed a kernel stack information leak on s390/s390x. (bnc#1172999). - CVE-2020-10781: A zram sysfs resource consumption was fixed. (bnc#1173074). Description truncated. Please see the references for more information.
Affected Software
Affected Software
'the' package(s) on openSUSE Leap 15.1.
Detection Method
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
Solution
Please install the updated package(s).