Описание
Security update for Linux Kernel Live Patch 0 for SLE 12 SP2
This update for the Linux Kernel 4.4.21-69 fixes one issue.
The following security bugs were fixed:
- CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575).
Список пакетов
SUSE Linux Enterprise Live Patching 12
kgraft-patch-4_4_21-69-default-5-14.2
Ссылки
- Link for SUSE-SU-2017:0870-1
- E-Mail link for SUSE-SU-2017:0870-1
- SUSE Security Ratings
- SUSE Bug 1030575
- SUSE CVE CVE-2017-7184 page
Описание
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-69-default-5-14.2
Ссылки
- CVE-2017-7184
- SUSE Bug 1030573
- SUSE Bug 1030575
- SUSE Bug 1115893