Описание
Security update for Linux Kernel Live Patch 12 for SLE 12
This update for the Linux Kernel 3.12.55-52_42 fixes one issue.
The following security bug was fixed:
- CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013).
Список пакетов
SUSE Linux Enterprise Server 12-LTSS
kgraft-patch-3_12_55-52_42-default-7-2.1
kgraft-patch-3_12_55-52_42-xen-7-2.1
SUSE Linux Enterprise Server for SAP Applications 12
kgraft-patch-3_12_55-52_42-default-7-2.1
kgraft-patch-3_12_55-52_42-xen-7-2.1
Ссылки
- Link for SUSE-SU-2017:0771-1
- E-Mail link for SUSE-SU-2017:0771-1
- SUSE Security Ratings
- SUSE Bug 1025013
- SUSE CVE CVE-2017-5970 page
Описание
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-7-2.1
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-7-2.1
SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-7-2.1
SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-7-2.1
Ссылки
- CVE-2017-5970
- SUSE Bug 1024938
- SUSE Bug 1025013
- SUSE Bug 1115893