Description
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 GA kernel was updated to fix one security issue.
The following security bug was fixed:
- CVE-2016-1583: Prevent the usage of mmap when the lower file system does not allow it. This could have led to local privilege escalation when ecryptfs-utils was installed and /sbin/mount.ecryptfs_private was setuid (bsc#983143).
Package list
SUSE Linux Enterprise Desktop 12
kernel-default-3.12.55-52.45.1
kernel-default-devel-3.12.55-52.45.1
kernel-default-extra-3.12.55-52.45.1
kernel-devel-3.12.55-52.45.1
kernel-macros-3.12.55-52.45.1
kernel-source-3.12.55-52.45.1
kernel-syms-3.12.55-52.45.1
kernel-xen-3.12.55-52.45.1
kernel-xen-devel-3.12.55-52.45.1
SUSE Linux Enterprise Live Patching 12
kgraft-patch-3_12_55-52_45-default-1-3.1
kgraft-patch-3_12_55-52_45-xen-1-3.1
SUSE Linux Enterprise Module for Public Cloud 12
kernel-ec2-3.12.55-52.45.1
kernel-ec2-devel-3.12.55-52.45.1
kernel-ec2-extra-3.12.55-52.45.1
SUSE Linux Enterprise Server 12
kernel-default-3.12.55-52.45.1
kernel-default-base-3.12.55-52.45.1
kernel-default-devel-3.12.55-52.45.1
kernel-default-man-3.12.55-52.45.1
kernel-devel-3.12.55-52.45.1
kernel-macros-3.12.55-52.45.1
kernel-source-3.12.55-52.45.1
kernel-syms-3.12.55-52.45.1
kernel-xen-3.12.55-52.45.1
kernel-xen-base-3.12.55-52.45.1
kernel-xen-devel-3.12.55-52.45.1
SUSE Linux Enterprise Server for SAP Applications 12
kernel-default-3.12.55-52.45.1
kernel-default-base-3.12.55-52.45.1
kernel-default-devel-3.12.55-52.45.1
kernel-default-man-3.12.55-52.45.1
kernel-devel-3.12.55-52.45.1
kernel-macros-3.12.55-52.45.1
kernel-source-3.12.55-52.45.1
kernel-syms-3.12.55-52.45.1
kernel-xen-3.12.55-52.45.1
kernel-xen-base-3.12.55-52.45.1
kernel-xen-devel-3.12.55-52.45.1
SUSE Linux Enterprise Software Development Kit 12
kernel-docs-3.12.55-52.45.4
kernel-obs-build-3.12.55-52.45.1
SUSE Linux Enterprise Workstation Extension 12
kernel-default-extra-3.12.55-52.45.1
References
- Link for SUSE-SU-2016:1596-1
- E-Mail link for SUSE-SU-2016:1596-1
- SUSE Security Ratings
- SUSE Bug 983143
- SUSE CVE CVE-2016-1583 page
Description
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.
Affected products
SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.45.1
SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.45.1
SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.45.1
SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.45.1
References
- CVE-2016-1583
- SUSE Bug 1020452
- SUSE Bug 1052256
- SUSE Bug 983143
- SUSE Bug 983144