Описание
Security update for kernel live patch 10
This kernel live patch for Linux Kernel 3.12.51-52.34.1 fixes two security issues:
Fixes:
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. (bsc#955837)
Список пакетов
SUSE Linux Enterprise Live Patching 12
kgraft-patch-3_12_51-52_34-default-3-2.1
kgraft-patch-3_12_51-52_34-xen-3-2.1
Ссылки
- Link for SUSE-SU-2016:0749-1
- E-Mail link for SUSE-SU-2016:0749-1
- SUSE Security Ratings
- SUSE Bug 955837
- SUSE CVE CVE-2013-7446 page
Описание
Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-3-2.1
SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-3-2.1
Ссылки
- CVE-2013-7446
- SUSE Bug 1020452
- SUSE Bug 955654
- SUSE Bug 955837