Описание
Security update for Linux Kernel Live Patch 12 for SLE 12 SP1
This update for the Linux Kernel 3.12.69-60_64_29 fixes several issues.
The following security bug was fixed:
- CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013).
The following non-security bug was fixed:
- Fix for a 'Data miscompare on a read' which was observed during the rebuilding of degraded MDRAID VDs. (bsc#1025254)
Список пакетов
SUSE Linux Enterprise Live Patching 12
kgraft-patch-3_12_69-60_64_29-default-2-2.1
kgraft-patch-3_12_69-60_64_29-xen-2-2.1
Ссылки
- Link for SUSE-SU-2017:0786-1
- E-Mail link for SUSE-SU-2017:0786-1
- SUSE Security Ratings
- SUSE Bug 1025013
- SUSE Bug 1025254
- SUSE CVE CVE-2017-5970 page
Описание
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_69-60_64_29-default-2-2.1
SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_69-60_64_29-xen-2-2.1
Ссылки
- CVE-2017-5970
- SUSE Bug 1024938
- SUSE Bug 1025013
- SUSE Bug 1115893