Description
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 GA kernel was updated to receive one critical security fix.
Security issue fixed:
- CVE-2016-4997: A buffer overflow in 32-bit compat_setsockopt iptables handling could lead to a local privilege escalation. (bsc#986362)
Package list
SUSE Linux Enterprise Desktop 12
kernel-default-3.12.60-52.54.2
kernel-default-devel-3.12.60-52.54.2
kernel-default-extra-3.12.60-52.54.2
kernel-devel-3.12.60-52.54.1
kernel-macros-3.12.60-52.54.1
kernel-source-3.12.60-52.54.1
kernel-syms-3.12.60-52.54.1
kernel-xen-3.12.60-52.54.2
kernel-xen-devel-3.12.60-52.54.2
SUSE Linux Enterprise Live Patching 12
kgraft-patch-3_12_60-52_54-default-1-2.3
kgraft-patch-3_12_60-52_54-xen-1-2.3
SUSE Linux Enterprise Module for Public Cloud 12
kernel-ec2-3.12.60-52.54.2
kernel-ec2-devel-3.12.60-52.54.2
kernel-ec2-extra-3.12.60-52.54.2
SUSE Linux Enterprise Server 12
kernel-default-3.12.60-52.54.2
kernel-default-base-3.12.60-52.54.2
kernel-default-devel-3.12.60-52.54.2
kernel-default-man-3.12.60-52.54.2
kernel-devel-3.12.60-52.54.1
kernel-macros-3.12.60-52.54.1
kernel-source-3.12.60-52.54.1
kernel-syms-3.12.60-52.54.1
kernel-xen-3.12.60-52.54.2
kernel-xen-base-3.12.60-52.54.2
kernel-xen-devel-3.12.60-52.54.2
SUSE Linux Enterprise Server for SAP Applications 12
kernel-default-3.12.60-52.54.2
kernel-default-base-3.12.60-52.54.2
kernel-default-devel-3.12.60-52.54.2
kernel-default-man-3.12.60-52.54.2
kernel-devel-3.12.60-52.54.1
kernel-macros-3.12.60-52.54.1
kernel-source-3.12.60-52.54.1
kernel-syms-3.12.60-52.54.1
kernel-xen-3.12.60-52.54.2
kernel-xen-base-3.12.60-52.54.2
kernel-xen-devel-3.12.60-52.54.2
SUSE Linux Enterprise Software Development Kit 12
kernel-docs-3.12.60-52.54.3
kernel-obs-build-3.12.60-52.54.3
SUSE Linux Enterprise Workstation Extension 12
kernel-default-extra-3.12.60-52.54.2
References
- Link for SUSE-SU-2016:1710-1
- E-Mail link for SUSE-SU-2016:1710-1
- SUSE Security Ratings
- SUSE Bug 986362
- SUSE CVE CVE-2016-4997 page
Description
The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.
Affected products
SUSE Linux Enterprise Desktop 12:kernel-default-3.12.60-52.54.2
SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.60-52.54.2
SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.60-52.54.2
SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.60-52.54.1
References
- CVE-2016-4997
- SUSE Bug 1020452
- SUSE Bug 986362
- SUSE Bug 986365
- SUSE Bug 986377
- SUSE Bug 991651