Описание
Security update for Linux Kernel Live Patch 4 for SLE 12 SP1
This update for the Linux Kernel 3.12.57-60_35 fixes one issue.
The following security bug was fixed:
- CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013).
Список пакетов
SUSE Linux Enterprise Live Patching 12
kgraft-patch-3_12_57-60_35-default-8-2.1
kgraft-patch-3_12_57-60_35-xen-8-2.1
Ссылки
- Link for SUSE-SU-2017:0774-1
- E-Mail link for SUSE-SU-2017:0774-1
- SUSE Security Ratings
- SUSE Bug 1025013
- SUSE CVE CVE-2017-5970 page
Описание
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-8-2.1
SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-8-2.1
Ссылки
- CVE-2017-5970
- SUSE Bug 1024938
- SUSE Bug 1025013
- SUSE Bug 1115893