ALT-BU-2020-3695-1
Branch p8 update bulletin.
Package kernel-image-un-def updated to version 4.19.108-alt0.M80P.1 for branch p8 in task 247430.
Closed vulnerabilities
BDU:2015-05303
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации
BDU:2015-05304
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации
BDU:2015-05305
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации
BDU:2015-05306
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации
BDU:2015-05307
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации
BDU:2015-05308
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации
BDU:2015-05309
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации
BDU:2015-05310
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации
BDU:2015-05311
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации
BDU:2015-05312
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации
BDU:2015-05313
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации
BDU:2015-05314
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации
BDU:2015-05315
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации
BDU:2015-05542
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
BDU:2015-05543
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
BDU:2020-00851
Уязвимость подсистемы виртуализации Kernel-based Virtual Machine (KVM) ядра операционных систем Linux, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2024-11-21
CVE-2013-1798
The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory or cause a denial of service (host OS OOPS) via a crafted application.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a2c118bfab8bc6b8bb213abfc35201e441693d55
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a2c118bfab8bc6b8bb213abfc35201e441693d55
- openSUSE-SU-2013:0847
- openSUSE-SU-2013:0847
- openSUSE-SU-2013:0925
- openSUSE-SU-2013:0925
- openSUSE-SU-2013:1187
- openSUSE-SU-2013:1187
- http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html
- http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html
- RHSA-2013:0727
- RHSA-2013:0727
- RHSA-2013:0744
- RHSA-2013:0744
- RHSA-2013:0746
- RHSA-2013:0746
- RHSA-2013:0928
- RHSA-2013:0928
- RHSA-2013:1026
- RHSA-2013:1026
- MDVSA-2013:176
- MDVSA-2013:176
- [oss-security] 20130320 linux kernel: kvm: CVE-2013-179[6..8]
- [oss-security] 20130320 linux kernel: kvm: CVE-2013-179[6..8]
- USN-1809-1
- USN-1809-1
- USN-1812-1
- USN-1812-1
- USN-1813-1
- USN-1813-1
- https://bugzilla.redhat.com/show_bug.cgi?id=917017
- https://bugzilla.redhat.com/show_bug.cgi?id=917017
- https://github.com/torvalds/linux/commit/a2c118bfab8bc6b8bb213abfc35201e441693d55
- https://github.com/torvalds/linux/commit/a2c118bfab8bc6b8bb213abfc35201e441693d55
Modified: 2024-11-21
CVE-2019-3016
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.
- http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html
- http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html
- [oss-security] 20200130 CVE-2019-3016: information leak within a KVM guest
- [oss-security] 20200130 CVE-2019-3016: information leak within a KVM guest
- https://bugzilla.redhat.com/show_bug.cgi?id=1792167
- https://bugzilla.redhat.com/show_bug.cgi?id=1792167
- https://git.kernel.org/linus/1eff70a9abd46f175defafd29bc17ad456f398a7
- https://git.kernel.org/linus/1eff70a9abd46f175defafd29bc17ad456f398a7
- https://git.kernel.org/linus/8c6de56a42e0c657955e12b882a81ef07d1d073e
- https://git.kernel.org/linus/8c6de56a42e0c657955e12b882a81ef07d1d073e
- https://git.kernel.org/linus/917248144db5d7320655dbb41d3af0b8a0f3d589
- https://git.kernel.org/linus/917248144db5d7320655dbb41d3af0b8a0f3d589
- https://git.kernel.org/linus/a6bd811f1209fe1c64c9f6fd578101d6436c6b6e
- https://git.kernel.org/linus/a6bd811f1209fe1c64c9f6fd578101d6436c6b6e
- https://git.kernel.org/linus/b043138246a41064527cf019a3d51d9f015e9796
- https://git.kernel.org/linus/b043138246a41064527cf019a3d51d9f015e9796
- https://lore.kernel.org/lkml/1580407316-11391-1-git-send-email-pbonzini%40redhat.com/
- https://lore.kernel.org/lkml/1580407316-11391-1-git-send-email-pbonzini%40redhat.com/
- https://security.netapp.com/advisory/ntap-20200313-0003/
- https://security.netapp.com/advisory/ntap-20200313-0003/
- USN-4300-1
- USN-4300-1
- USN-4301-1
- USN-4301-1
- DSA-4699
- DSA-4699
Package kernel-image-std-debug updated to version 4.9.216-alt0.M80P.1 for branch p8 in task 247716.
Closed vulnerabilities
BDU:2020-00785
Уязвимость функции vc_do_resize ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
BDU:2020-00786
Уязвимость функции vgacon_invert_region ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
BDU:2020-00787
Уязвимость функции n_tty_receive_buf_common ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2020-8647
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.
- openSUSE-SU-2020:0388
- openSUSE-SU-2020:0388
- https://bugzilla.kernel.org/show_bug.cgi?id=206359
- https://bugzilla.kernel.org/show_bug.cgi?id=206359
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- DSA-4698
- DSA-4698
Modified: 2024-11-21
CVE-2020-8648
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
- openSUSE-SU-2020:0336
- openSUSE-SU-2020:0336
- https://bugzilla.kernel.org/show_bug.cgi?id=206361
- https://bugzilla.kernel.org/show_bug.cgi?id=206361
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- https://security.netapp.com/advisory/ntap-20200924-0004/
- https://security.netapp.com/advisory/ntap-20200924-0004/
- USN-4342-1
- USN-4342-1
- USN-4344-1
- USN-4344-1
- USN-4345-1
- USN-4345-1
- USN-4346-1
- USN-4346-1
- DSA-4698
- DSA-4698
Modified: 2024-11-21
CVE-2020-8649
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.
- openSUSE-SU-2020:0388
- openSUSE-SU-2020:0388
- https://bugzilla.kernel.org/show_bug.cgi?id=206357
- https://bugzilla.kernel.org/show_bug.cgi?id=206357
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- DSA-4698
- DSA-4698
Closed vulnerabilities
BDU:2018-01221
Уязвимость механизма аутентификации серверной части библиотеки libssh, позволяющая нарушителю обойти процедуру аутентификации
BDU:2020-02642
Уязвимость функции ssh_scp_new() библиотеки libssh, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2018-10933
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
- 105677
- 105677
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10933
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10933
- [debian-lts-announce] 20181018 [SECURITY] [DLA 1548-1] libssh security update
- [debian-lts-announce] 20181018 [SECURITY] [DLA 1548-1] libssh security update
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0016
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0016
- https://security.netapp.com/advisory/ntap-20190118-0002/
- https://security.netapp.com/advisory/ntap-20190118-0002/
- USN-3795-1
- USN-3795-1
- USN-3795-2
- USN-3795-2
- DSA-4322
- DSA-4322
- 45638
- 45638
- https://www.libssh.org/security/advisories/CVE-2018-10933.txt
- https://www.libssh.org/security/advisories/CVE-2018-10933.txt
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
Modified: 2024-11-21
CVE-2019-14889
A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an attacker to inject arbitrary commands, leading to a compromise of the remote target.
- openSUSE-SU-2019:2689
- openSUSE-SU-2019:2689
- openSUSE-SU-2020:0102
- openSUSE-SU-2020:0102
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14889
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14889
- [debian-lts-announce] 20191217 [SECURITY] [DLA 2038-1] libssh security update
- [debian-lts-announce] 20191217 [SECURITY] [DLA 2038-1] libssh security update
- [debian-lts-announce] 20230529 [SECURITY] [DLA 3437-1] libssh security update
- [debian-lts-announce] 20230529 [SECURITY] [DLA 3437-1] libssh security update
- FEDORA-2019-8b0ad69829
- FEDORA-2019-8b0ad69829
- FEDORA-2019-46b6bd2459
- FEDORA-2019-46b6bd2459
- GLSA-202003-27
- GLSA-202003-27
- USN-4219-1
- USN-4219-1
- https://www.libssh.org/security/advisories/CVE-2019-14889.txt
- https://www.libssh.org/security/advisories/CVE-2019-14889.txt
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com/security-alerts/cpuapr2020.html
Closed bugs
Обновить до 0.8.5
Package x2goclient updated to version 4.1.2.1-alt3 for branch p8 in task 247316.
Closed bugs
Ошибка при подключении к серверу
Не монтируется общий каталог, если в имени каталога есть кириллица
Не работает монтирование общего каталога
Closed vulnerabilities
Modified: 2024-11-21
CVE-2019-1010057
nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component is: nfx.c:546, nffile_inline.c:83, minilzo.c (redistributed). The attack vector is: nfdump must read and process a specially crafted file. The fixed version is: after commit 9f0fe9563366f62a71d34c92229da3432ec5cf0e.
- https://github.com/phaag/nfdump/issues/104
- https://github.com/phaag/nfdump/issues/104
- [debian-lts-announce] 20200926 [SECURITY] [DLA 2383-1] nfdump security update
- [debian-lts-announce] 20200926 [SECURITY] [DLA 2383-1] nfdump security update
- FEDORA-2019-0fbfb00cbb
- FEDORA-2019-0fbfb00cbb
- FEDORA-2019-9013b5e75d
- FEDORA-2019-9013b5e75d
- GLSA-202003-17
- GLSA-202003-17
Modified: 2024-11-21
CVE-2019-14459
nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).
- https://github.com/phaag/nfdump/commit/3b006ededaf351f1723aea6c727c9edd1b1fff9b
- https://github.com/phaag/nfdump/commit/3b006ededaf351f1723aea6c727c9edd1b1fff9b
- https://github.com/phaag/nfdump/issues/171
- https://github.com/phaag/nfdump/issues/171
- [debian-lts-announce] 20200926 [SECURITY] [DLA 2383-1] nfdump security update
- [debian-lts-announce] 20200926 [SECURITY] [DLA 2383-1] nfdump security update
- FEDORA-2019-0fbfb00cbb
- FEDORA-2019-0fbfb00cbb
- FEDORA-2019-9013b5e75d
- FEDORA-2019-9013b5e75d
- GLSA-202003-17
- GLSA-202003-17
Closed bugs
libnfdump-1.6.17-alt1 builds and provides its own old bundled copy of liblz4 and other system libraries
Package kernel-image-un-def updated to version 4.19.109-alt0.M80P.1 for branch p8 in task 247713.
Closed vulnerabilities
BDU:2020-00785
Уязвимость функции vc_do_resize ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
BDU:2020-00786
Уязвимость функции vgacon_invert_region ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
BDU:2020-00787
Уязвимость функции n_tty_receive_buf_common ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2020-8647
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.
- openSUSE-SU-2020:0388
- openSUSE-SU-2020:0388
- https://bugzilla.kernel.org/show_bug.cgi?id=206359
- https://bugzilla.kernel.org/show_bug.cgi?id=206359
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- DSA-4698
- DSA-4698
Modified: 2024-11-21
CVE-2020-8648
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
- openSUSE-SU-2020:0336
- openSUSE-SU-2020:0336
- https://bugzilla.kernel.org/show_bug.cgi?id=206361
- https://bugzilla.kernel.org/show_bug.cgi?id=206361
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- https://security.netapp.com/advisory/ntap-20200924-0004/
- https://security.netapp.com/advisory/ntap-20200924-0004/
- USN-4342-1
- USN-4342-1
- USN-4344-1
- USN-4344-1
- USN-4345-1
- USN-4345-1
- USN-4346-1
- USN-4346-1
- DSA-4698
- DSA-4698
Modified: 2024-11-21
CVE-2020-8649
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.
- openSUSE-SU-2020:0388
- openSUSE-SU-2020:0388
- https://bugzilla.kernel.org/show_bug.cgi?id=206357
- https://bugzilla.kernel.org/show_bug.cgi?id=206357
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- DSA-4698
- DSA-4698