SUSE-SU-2016:0336-1

Опубликовано: 04 фев. 2016

Источник: suse-cvrf

Описание

Security update for kernel live patch 9

This kernel live patch for Linux Kernel 3.12.51-52.31.1 fixes a security issue:

Security issues fixed:

CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958601).

Список пакетов

SUSE Linux Enterprise Live Patching 12

kgraft-patch-3_12_51-52_31-default-2-2.1

kgraft-patch-3_12_51-52_31-xen-2-2.1

Ссылки

https://www.suse.com/support/update/announcement/2016/suse-su-20160336-1/
Link for SUSE-SU-2016:0336-1
https://lists.suse.com/pipermail/sle-security-updates/2016-February/001844.html
E-Mail link for SUSE-SU-2016:0336-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/958601
SUSE Bug 958601
https://www.suse.com/security/cve/CVE-2015-8539/
SUSE CVE CVE-2015-8539 page

Описание

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.

Затронутые продукты

SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-2-2.1

SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-2-2.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-8539.html
CVE-2015-8539
https://bugzilla.suse.com/1115893
SUSE Bug 1115893
https://bugzilla.suse.com/781018
SUSE Bug 781018
https://bugzilla.suse.com/958463
SUSE Bug 958463
https://bugzilla.suse.com/958601
SUSE Bug 958601

SUSE-SU-2016:0336-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 12

Ссылки

Уязвимость: CVE-2015-8539

Описание

Затронутые продукты

Ссылки