Описание
Security update for kernel live patch 11
This kernel live patch for Linux Kernel 3.12.51-52.39.1 fixes two security issues:
Fixes:
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. (bsc#955837)
Список пакетов
SUSE Linux Enterprise Live Patching 12
kgraft-patch-3_12_51-52_39-default-2-2.1
kgraft-patch-3_12_51-52_39-xen-2-2.1
Ссылки
- Link for SUSE-SU-2016:0754-1
- E-Mail link for SUSE-SU-2016:0754-1
- SUSE Security Ratings
- SUSE Bug 955837
- SUSE CVE CVE-2013-7446 page
Описание
Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-default-2-2.1
SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-xen-2-2.1
Ссылки
- CVE-2013-7446
- SUSE Bug 1020452
- SUSE Bug 955654
- SUSE Bug 955837