vulnerability
SUSE: CVE-2019-15902: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:M/Au:N/C:C/I:N/A:N) | Sep 4, 2019 | Sep 21, 2019 | Feb 4, 2022 |
Severity
5
CVSS
(AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published
Sep 4, 2019
Added
Sep 21, 2019
Modified
Feb 4, 2022
Description
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped.
Solution(s)
suse-upgrade-kernel-azure-basesuse-upgrade-kernel-defaultsuse-upgrade-kernel-default-extrasuse-upgrade-kernel-default-mansuse-upgrade-kernel-devel-azuresuse-upgrade-kernel-docssuse-upgrade-kernel-ec2suse-upgrade-kernel-ec2-develsuse-upgrade-kernel-ec2-extrasuse-upgrade-kernel-obs-buildsuse-upgrade-kernel-source-azure
References
- SUSE-SUSE-SU-2019:14218-1
- SUSE-SUSE-SU-2019:2412-1
- SUSE-SUSE-SU-2019:2414-1
- SUSE-SUSE-SU-2019:2424-1
- SUSE-SUSE-SU-2019:2648-1
- SUSE-SUSE-SU-2019:2651-1
- SUSE-SUSE-SU-2019:2658-1
- SUSE-SUSE-SU-2019:2738-1
- SUSE-SUSE-SU-2019:2756-1
- SUSE-SUSE-SU-2019:2949-1
- SUSE-SUSE-SU-2019:2950-1
- SUSE-SUSE-SU-2019:2984-1
- UBUNTU-USN-4157-1
- UBUNTU-USN-4157-2
- UBUNTU-USN-4162-1
- UBUNTU-USN-4162-2
- UBUNTU-USN-4163-1
- UBUNTU-USN-4163-2
- NVD-CVE-2019-15902
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.