Описание
Security update for util-linux
This update for util-linux fixes the following issues:
This security issue was fixed:
- CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges (bsc#1023041).
This non-security issues were fixed:
- lscpu: Implement WSL detection and work around crash (bsc#1019332)
- fstrim: De-duplicate btrfs sub-volumes for 'fstrim -a' and bind mounts (bsc#1020077)
- Fix regressions in safe loop re-use patch set for libmount (bsc#1012504)
- Disable ro checks for mtab (bsc#1012632)
- Ensure that the option 'users,exec,dev,suid' work as expected on NFS mounts (bsc#1008965)
- Fix empty slave detection to prevent 100% CPU load in some cases (bsc#1020985)
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
libblkid1-2.28-44.3.1
libblkid1-32bit-2.28-44.3.1
libfdisk1-2.28-44.3.1
libmount1-2.28-44.3.1
libmount1-32bit-2.28-44.3.1
libsmartcols1-2.28-44.3.1
libuuid-devel-2.28-44.3.1
libuuid1-2.28-44.3.1
libuuid1-32bit-2.28-44.3.1
python-libmount-2.28-44.3.3
util-linux-2.28-44.3.1
util-linux-lang-2.28-44.3.1
util-linux-systemd-2.28-44.3.3
uuidd-2.28-44.3.3
SUSE Linux Enterprise Server 12 SP2
libblkid1-2.28-44.3.1
libblkid1-32bit-2.28-44.3.1
libfdisk1-2.28-44.3.1
libmount1-2.28-44.3.1
libmount1-32bit-2.28-44.3.1
libsmartcols1-2.28-44.3.1
libuuid1-2.28-44.3.1
libuuid1-32bit-2.28-44.3.1
python-libmount-2.28-44.3.3
util-linux-2.28-44.3.1
util-linux-lang-2.28-44.3.1
util-linux-systemd-2.28-44.3.3
uuidd-2.28-44.3.3
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
libblkid1-2.28-44.3.1
libfdisk1-2.28-44.3.1
libmount1-2.28-44.3.1
libsmartcols1-2.28-44.3.1
libuuid1-2.28-44.3.1
python-libmount-2.28-44.3.3
util-linux-2.28-44.3.1
util-linux-lang-2.28-44.3.1
util-linux-systemd-2.28-44.3.3
uuidd-2.28-44.3.3
SUSE Linux Enterprise Server for SAP Applications 12 SP2
libblkid1-2.28-44.3.1
libblkid1-32bit-2.28-44.3.1
libfdisk1-2.28-44.3.1
libmount1-2.28-44.3.1
libmount1-32bit-2.28-44.3.1
libsmartcols1-2.28-44.3.1
libuuid1-2.28-44.3.1
libuuid1-32bit-2.28-44.3.1
python-libmount-2.28-44.3.3
util-linux-2.28-44.3.1
util-linux-lang-2.28-44.3.1
util-linux-systemd-2.28-44.3.3
uuidd-2.28-44.3.3
SUSE Linux Enterprise Software Development Kit 12 SP2
libblkid-devel-2.28-44.3.1
libmount-devel-2.28-44.3.1
libsmartcols-devel-2.28-44.3.1
libuuid-devel-2.28-44.3.1
SUSE Linux Enterprise Workstation Extension 12 SP2
libuuid-devel-2.28-44.3.1
Ссылки
- Link for SUSE-SU-2017:0554-1
- E-Mail link for SUSE-SU-2017:0554-1
- SUSE Security Ratings
- SUSE Bug 1008965
- SUSE Bug 1012504
- SUSE Bug 1012632
- SUSE Bug 1019332
- SUSE Bug 1020077
- SUSE Bug 1020985
- SUSE Bug 1023041
- SUSE CVE CVE-2017-2616 page
Описание
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libblkid1-2.28-44.3.1
SUSE Linux Enterprise Desktop 12 SP2:libblkid1-32bit-2.28-44.3.1
SUSE Linux Enterprise Desktop 12 SP2:libfdisk1-2.28-44.3.1
SUSE Linux Enterprise Desktop 12 SP2:libmount1-2.28-44.3.1
Ссылки
- CVE-2017-2616
- SUSE Bug 1023041
- SUSE Bug 1123789