SUSE 5008 Published by

The following updates has been released for openSUSE:

openSUSE-SU-2019:2306-1: important: Security update for libopenmpt
openSUSE-SU-2019:2307-1: important: Security update for the Linux Kernel
openSUSE-SU-2019:2308-1: important: Security update for the Linux Kernel



openSUSE-SU-2019:2306-1: important: Security update for libopenmpt

openSUSE Security Update: Security update for libopenmpt
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:2306-1
Rating: important
References: #1153102
Cross-References: CVE-2019-17113
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for libopenmpt to version 0.3.19 fixes the following issues:

- CVE-2019-17113: Fixed a buffer overflow in ModPlug_InstrumentName and
ModPlug_SampleName (bsc#1153102).

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2019-2306=1



Package List:

- openSUSE Leap 15.1 (i586 x86_64):

libmodplug-devel-0.3.19-lp151.2.6.1
libmodplug1-0.3.19-lp151.2.6.1
libmodplug1-debuginfo-0.3.19-lp151.2.6.1
libopenmpt-debugsource-0.3.19-lp151.2.6.1
libopenmpt-devel-0.3.19-lp151.2.6.1
libopenmpt0-0.3.19-lp151.2.6.1
libopenmpt0-debuginfo-0.3.19-lp151.2.6.1
libopenmpt_modplug1-0.3.19-lp151.2.6.1
libopenmpt_modplug1-debuginfo-0.3.19-lp151.2.6.1
openmpt123-0.3.19-lp151.2.6.1
openmpt123-debuginfo-0.3.19-lp151.2.6.1

- openSUSE Leap 15.1 (x86_64):

libmodplug1-32bit-0.3.19-lp151.2.6.1
libmodplug1-32bit-debuginfo-0.3.19-lp151.2.6.1
libopenmpt0-32bit-0.3.19-lp151.2.6.1
libopenmpt0-32bit-debuginfo-0.3.19-lp151.2.6.1
libopenmpt_modplug1-32bit-0.3.19-lp151.2.6.1
libopenmpt_modplug1-32bit-debuginfo-0.3.19-lp151.2.6.1


References:

https://www.suse.com/security/cve/CVE-2019-17113.html
https://bugzilla.suse.com/1153102

openSUSE-SU-2019:2307-1: important: Security update for the Linux Kernel

openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:2307-1
Rating: important
References: #1051510 #1054914 #1055117 #1061840 #1065600
#1065729 #1071995 #1082555 #1104967 #1109158
#1113722 #1114279 #1119086 #1123034 #1127988
#1131304 #1137069 #1137865 #1137959 #1140155
#1141013 #1142076 #1142635 #1146042 #1146540
#1146664 #1148133 #1148712 #1148868 #1149313
#1149446 #1149555 #1149651 #1150381 #1150423
#1151350 #1151610 #1151667 #1151680 #1151891
#1151955 #1152024 #1152025 #1152026 #1152161
#1152325 #1152457 #1152460 #1152466 #1152972
#1152974 #1152975
Cross-References: CVE-2017-18595 CVE-2019-14821 CVE-2019-15291
CVE-2019-9506
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that solves four vulnerabilities and has 48 fixes
is now available.

Description:



The openSUSE Leap 15.0 kernel was updated to receive various security and
bugfixes.

The following security bugs were fixed:

- CVE-2019-15291: There was a NULL pointer dereference caused by a
malicious USB device in the flexcop_usb_probe function in the
drivers/media/usb/b2c2/flexcop-usb.c driver (bnc#1146540).
- CVE-2019-14821: An out-of-bounds access issue was found in the way Linux
kernel's KVM hypervisor implements the Coalesced MMIO write operation.
It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object,
wherein write indices 'ring->first' and 'ring->last' value could be
supplied by a host user-space process. An unprivileged host user or
process with access to '/dev/kvm' device could have used this flaw to
crash the host kernel, resulting in a denial of service or potentially
escalating privileges on the system (bnc#1151350).
- CVE-2017-18595: A double free might have been caused by the function
allocate_trace_buffer in the file kernel/trace/trace.c (bnc#1149555).
- CVE-2019-9506: The Bluetooth BR/EDR specification up to and including
version 5.1 permits sufficiently low encryption key length and did not
prevent an attacker from influencing the key length negotiation. This
allowed practical brute-force attacks (aka "KNOB") that can decrypt
traffic and inject arbitrary ciphertext without the victim noticing
(bnc#1137865 1146042).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-2307=1



Package List:

- openSUSE Leap 15.0 (noarch):

kernel-devel-4.12.14-lp150.12.76.1
kernel-docs-4.12.14-lp150.12.76.1
kernel-docs-html-4.12.14-lp150.12.76.1
kernel-macros-4.12.14-lp150.12.76.1
kernel-source-4.12.14-lp150.12.76.1
kernel-source-vanilla-4.12.14-lp150.12.76.1

- openSUSE Leap 15.0 (x86_64):

kernel-debug-4.12.14-lp150.12.76.1
kernel-debug-base-4.12.14-lp150.12.76.1
kernel-debug-base-debuginfo-4.12.14-lp150.12.76.1
kernel-debug-debuginfo-4.12.14-lp150.12.76.1
kernel-debug-debugsource-4.12.14-lp150.12.76.1
kernel-debug-devel-4.12.14-lp150.12.76.1
kernel-debug-devel-debuginfo-4.12.14-lp150.12.76.1
kernel-default-4.12.14-lp150.12.76.1
kernel-default-base-4.12.14-lp150.12.76.1
kernel-default-base-debuginfo-4.12.14-lp150.12.76.1
kernel-default-debuginfo-4.12.14-lp150.12.76.1
kernel-default-debugsource-4.12.14-lp150.12.76.1
kernel-default-devel-4.12.14-lp150.12.76.1
kernel-default-devel-debuginfo-4.12.14-lp150.12.76.1
kernel-kvmsmall-4.12.14-lp150.12.76.1
kernel-kvmsmall-base-4.12.14-lp150.12.76.1
kernel-kvmsmall-base-debuginfo-4.12.14-lp150.12.76.1
kernel-kvmsmall-debuginfo-4.12.14-lp150.12.76.1
kernel-kvmsmall-debugsource-4.12.14-lp150.12.76.1
kernel-kvmsmall-devel-4.12.14-lp150.12.76.1
kernel-kvmsmall-devel-debuginfo-4.12.14-lp150.12.76.1
kernel-obs-build-4.12.14-lp150.12.76.1
kernel-obs-build-debugsource-4.12.14-lp150.12.76.1
kernel-obs-qa-4.12.14-lp150.12.76.1
kernel-syms-4.12.14-lp150.12.76.1
kernel-vanilla-4.12.14-lp150.12.76.1
kernel-vanilla-base-4.12.14-lp150.12.76.1
kernel-vanilla-base-debuginfo-4.12.14-lp150.12.76.1
kernel-vanilla-debuginfo-4.12.14-lp150.12.76.1
kernel-vanilla-debugsource-4.12.14-lp150.12.76.1
kernel-vanilla-devel-4.12.14-lp150.12.76.1
kernel-vanilla-devel-debuginfo-4.12.14-lp150.12.76.1


References:

https://www.suse.com/security/cve/CVE-2017-18595.html
https://www.suse.com/security/cve/CVE-2019-14821.html
https://www.suse.com/security/cve/CVE-2019-15291.html
https://www.suse.com/security/cve/CVE-2019-9506.html
https://bugzilla.suse.com/1051510
https://bugzilla.suse.com/1054914
https://bugzilla.suse.com/1055117
https://bugzilla.suse.com/1061840
https://bugzilla.suse.com/1065600
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1071995
https://bugzilla.suse.com/1082555
https://bugzilla.suse.com/1104967
https://bugzilla.suse.com/1109158
https://bugzilla.suse.com/1113722
https://bugzilla.suse.com/1114279
https://bugzilla.suse.com/1119086
https://bugzilla.suse.com/1123034
https://bugzilla.suse.com/1127988
https://bugzilla.suse.com/1131304
https://bugzilla.suse.com/1137069
https://bugzilla.suse.com/1137865
https://bugzilla.suse.com/1137959
https://bugzilla.suse.com/1140155
https://bugzilla.suse.com/1141013
https://bugzilla.suse.com/1142076
https://bugzilla.suse.com/1142635
https://bugzilla.suse.com/1146042
https://bugzilla.suse.com/1146540
https://bugzilla.suse.com/1146664
https://bugzilla.suse.com/1148133
https://bugzilla.suse.com/1148712
https://bugzilla.suse.com/1148868
https://bugzilla.suse.com/1149313
https://bugzilla.suse.com/1149446
https://bugzilla.suse.com/1149555
https://bugzilla.suse.com/1149651
https://bugzilla.suse.com/1150381
https://bugzilla.suse.com/1150423
https://bugzilla.suse.com/1151350
https://bugzilla.suse.com/1151610
https://bugzilla.suse.com/1151667
https://bugzilla.suse.com/1151680
https://bugzilla.suse.com/1151891
https://bugzilla.suse.com/1151955
https://bugzilla.suse.com/1152024
https://bugzilla.suse.com/1152025
https://bugzilla.suse.com/1152026
https://bugzilla.suse.com/1152161
https://bugzilla.suse.com/1152325
https://bugzilla.suse.com/1152457
https://bugzilla.suse.com/1152460
https://bugzilla.suse.com/1152466
https://bugzilla.suse.com/1152972
https://bugzilla.suse.com/1152974
https://bugzilla.suse.com/1152975


openSUSE-SU-2019:2308-1: important: Security update for the Linux Kernel

openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:2308-1
Rating: important
References: #1051510 #1054914 #1055117 #1061840 #1065600
#1065729 #1071995 #1082555 #1104967 #1109158
#1111666 #1113722 #1114279 #1119086 #1123034
#1127988 #1131304 #1137069 #1137865 #1137959
#1137982 #1140155 #1141013 #1142076 #1142635
#1146042 #1146540 #1146664 #1148133 #1148712
#1148868 #1149313 #1149446 #1149555 #1149651
#1150305 #1150381 #1150423 #1150846 #1151067
#1151192 #1151350 #1151610 #1151661 #1151662
#1151667 #1151680 #1151891 #1151955 #1152024
#1152025 #1152026 #1152161 #1152187 #1152243
#1152325 #1152457 #1152460 #1152466 #1152525
#1152972 #1152974 #1152975
Cross-References: CVE-2017-18595 CVE-2019-14821 CVE-2019-15291
CVE-2019-9506
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________

An update that solves four vulnerabilities and has 59 fixes
is now available.

Description:



The openSUSE Leap 15.1 kernel was updated to receive various security and
bugfixes.

The following security bugs were fixed:

- CVE-2019-15291: There was a NULL pointer dereference caused by a
malicious USB device in the flexcop_usb_probe function in the
drivers/media/usb/b2c2/flexcop-usb.c driver (bnc#1146540).
- CVE-2019-14821: An out-of-bounds access issue was found in the way Linux
kernel's KVM hypervisor implements the Coalesced MMIO write operation.
It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object,
wherein write indices 'ring->first' and 'ring->last' value could be
supplied by a host user-space process. An unprivileged host user or
process with access to '/dev/kvm' device could use this flaw to crash
the host kernel, resulting in a denial of service or potentially
escalating privileges on the system (bnc#1151350).
- CVE-2017-18595: A double free may be caused by the function
allocate_trace_buffer in the file kernel/trace/trace.c (bnc#1149555).
- CVE-2019-9506: The Bluetooth BR/EDR specification up to and including
version 5.1 permits sufficiently low encryption key length and did not
prevent an attacker from influencing the key length negotiation. This
allowed practical brute-force attacks (aka "KNOB") that can decrypt
traffic and inject arbitrary ciphertext without the victim noticing
(bnc#1137865 bnc#1146042).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2019-2308=1



Package List:

- openSUSE Leap 15.1 (x86_64):

kernel-debug-4.12.14-lp151.28.20.1
kernel-debug-base-4.12.14-lp151.28.20.1
kernel-debug-base-debuginfo-4.12.14-lp151.28.20.1
kernel-debug-debuginfo-4.12.14-lp151.28.20.1
kernel-debug-debugsource-4.12.14-lp151.28.20.1
kernel-debug-devel-4.12.14-lp151.28.20.1
kernel-debug-devel-debuginfo-4.12.14-lp151.28.20.1
kernel-default-4.12.14-lp151.28.20.1
kernel-default-base-4.12.14-lp151.28.20.1
kernel-default-base-debuginfo-4.12.14-lp151.28.20.1
kernel-default-debuginfo-4.12.14-lp151.28.20.1
kernel-default-debugsource-4.12.14-lp151.28.20.1
kernel-default-devel-4.12.14-lp151.28.20.1
kernel-default-devel-debuginfo-4.12.14-lp151.28.20.1
kernel-kvmsmall-4.12.14-lp151.28.20.1
kernel-kvmsmall-base-4.12.14-lp151.28.20.1
kernel-kvmsmall-base-debuginfo-4.12.14-lp151.28.20.1
kernel-kvmsmall-debuginfo-4.12.14-lp151.28.20.1
kernel-kvmsmall-debugsource-4.12.14-lp151.28.20.1
kernel-kvmsmall-devel-4.12.14-lp151.28.20.1
kernel-kvmsmall-devel-debuginfo-4.12.14-lp151.28.20.1
kernel-obs-build-4.12.14-lp151.28.20.1
kernel-obs-build-debugsource-4.12.14-lp151.28.20.1
kernel-obs-qa-4.12.14-lp151.28.20.1
kernel-syms-4.12.14-lp151.28.20.1
kernel-vanilla-4.12.14-lp151.28.20.1
kernel-vanilla-base-4.12.14-lp151.28.20.1
kernel-vanilla-base-debuginfo-4.12.14-lp151.28.20.1
kernel-vanilla-debuginfo-4.12.14-lp151.28.20.1
kernel-vanilla-debugsource-4.12.14-lp151.28.20.1
kernel-vanilla-devel-4.12.14-lp151.28.20.1
kernel-vanilla-devel-debuginfo-4.12.14-lp151.28.20.1

- openSUSE Leap 15.1 (noarch):

kernel-devel-4.12.14-lp151.28.20.1
kernel-docs-4.12.14-lp151.28.20.1
kernel-docs-html-4.12.14-lp151.28.20.1
kernel-macros-4.12.14-lp151.28.20.1
kernel-source-4.12.14-lp151.28.20.1
kernel-source-vanilla-4.12.14-lp151.28.20.1


References:

https://www.suse.com/security/cve/CVE-2017-18595.html
https://www.suse.com/security/cve/CVE-2019-14821.html
https://www.suse.com/security/cve/CVE-2019-15291.html
https://www.suse.com/security/cve/CVE-2019-9506.html
https://bugzilla.suse.com/1051510
https://bugzilla.suse.com/1054914
https://bugzilla.suse.com/1055117
https://bugzilla.suse.com/1061840
https://bugzilla.suse.com/1065600
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1071995
https://bugzilla.suse.com/1082555
https://bugzilla.suse.com/1104967
https://bugzilla.suse.com/1109158
https://bugzilla.suse.com/1111666
https://bugzilla.suse.com/1113722
https://bugzilla.suse.com/1114279
https://bugzilla.suse.com/1119086
https://bugzilla.suse.com/1123034
https://bugzilla.suse.com/1127988
https://bugzilla.suse.com/1131304
https://bugzilla.suse.com/1137069
https://bugzilla.suse.com/1137865
https://bugzilla.suse.com/1137959
https://bugzilla.suse.com/1137982
https://bugzilla.suse.com/1140155
https://bugzilla.suse.com/1141013
https://bugzilla.suse.com/1142076
https://bugzilla.suse.com/1142635
https://bugzilla.suse.com/1146042
https://bugzilla.suse.com/1146540
https://bugzilla.suse.com/1146664
https://bugzilla.suse.com/1148133
https://bugzilla.suse.com/1148712
https://bugzilla.suse.com/1148868
https://bugzilla.suse.com/1149313
https://bugzilla.suse.com/1149446
https://bugzilla.suse.com/1149555
https://bugzilla.suse.com/1149651
https://bugzilla.suse.com/1150305
https://bugzilla.suse.com/1150381
https://bugzilla.suse.com/1150423
https://bugzilla.suse.com/1150846
https://bugzilla.suse.com/1151067
https://bugzilla.suse.com/1151192
https://bugzilla.suse.com/1151350
https://bugzilla.suse.com/1151610
https://bugzilla.suse.com/1151661
https://bugzilla.suse.com/1151662
https://bugzilla.suse.com/1151667
https://bugzilla.suse.com/1151680
https://bugzilla.suse.com/1151891
https://bugzilla.suse.com/1151955
https://bugzilla.suse.com/1152024
https://bugzilla.suse.com/1152025
https://bugzilla.suse.com/1152026
https://bugzilla.suse.com/1152161
https://bugzilla.suse.com/1152187
https://bugzilla.suse.com/1152243
https://bugzilla.suse.com/1152325
https://bugzilla.suse.com/1152457
https://bugzilla.suse.com/1152460
https://bugzilla.suse.com/1152466
https://bugzilla.suse.com/1152525
https://bugzilla.suse.com/1152972
https://bugzilla.suse.com/1152974
https://bugzilla.suse.com/1152975