Описание
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 kernel was updated to fix the following security bugs:
- CVE-2017-7184: The Linux kernel allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via unspecified vectors, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bnc#1030573, bnc#1028372).
- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bnc#1027565).
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
kernel-default-4.4.49-92.14.1
kernel-default-devel-4.4.49-92.14.1
kernel-default-extra-4.4.49-92.14.1
kernel-devel-4.4.49-92.14.1
kernel-macros-4.4.49-92.14.1
kernel-source-4.4.49-92.14.1
kernel-syms-4.4.49-92.14.1
SUSE Linux Enterprise High Availability Extension 12 SP2
cluster-md-kmp-default-4.4.49-92.14.1
cluster-network-kmp-default-4.4.49-92.14.1
dlm-kmp-default-4.4.49-92.14.1
gfs2-kmp-default-4.4.49-92.14.1
ocfs2-kmp-default-4.4.49-92.14.1
SUSE Linux Enterprise Live Patching 12
kgraft-patch-4_4_49-92_14-default-1-2.1
SUSE Linux Enterprise Server 12 SP2
kernel-default-4.4.49-92.14.1
kernel-default-base-4.4.49-92.14.1
kernel-default-devel-4.4.49-92.14.1
kernel-default-man-4.4.49-92.14.1
kernel-devel-4.4.49-92.14.1
kernel-macros-4.4.49-92.14.1
kernel-source-4.4.49-92.14.1
kernel-syms-4.4.49-92.14.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
kernel-default-4.4.49-92.14.1
kernel-default-base-4.4.49-92.14.1
kernel-default-devel-4.4.49-92.14.1
kernel-devel-4.4.49-92.14.1
kernel-macros-4.4.49-92.14.1
kernel-source-4.4.49-92.14.1
kernel-syms-4.4.49-92.14.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
kernel-default-4.4.49-92.14.1
kernel-default-base-4.4.49-92.14.1
kernel-default-devel-4.4.49-92.14.1
kernel-default-man-4.4.49-92.14.1
kernel-devel-4.4.49-92.14.1
kernel-macros-4.4.49-92.14.1
kernel-source-4.4.49-92.14.1
kernel-syms-4.4.49-92.14.1
SUSE Linux Enterprise Software Development Kit 12 SP2
kernel-docs-4.4.49-92.14.3
kernel-obs-build-4.4.49-92.14.1
SUSE Linux Enterprise Workstation Extension 12 SP2
kernel-default-extra-4.4.49-92.14.1
Ссылки
- Link for SUSE-SU-2017:0864-1
- E-Mail link for SUSE-SU-2017:0864-1
- SUSE Security Ratings
- SUSE Bug 1027565
- SUSE Bug 1028372
- SUSE Bug 1030573
- SUSE CVE CVE-2017-2636 page
- SUSE CVE CVE-2017-7184 page
Описание
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.14.1
SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.14.1
SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.14.1
SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.14.1
Ссылки
- CVE-2017-2636
- SUSE Bug 1027565
- SUSE Bug 1027575
- SUSE Bug 1028372
- SUSE Bug 1115893
Описание
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.14.1
SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.14.1
SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.14.1
SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.14.1
Ссылки
- CVE-2017-7184
- SUSE Bug 1030573
- SUSE Bug 1030575
- SUSE Bug 1115893