SUSE-SU-2017:1295-1

Опубликовано: 15 мая 2017

Источник: suse-cvrf

Описание

Security update for Linux Kernel Live Patch 4 for SLE 12 SP2

This update for the Linux Kernel 4.4.38-93 fixes several issues.

The following security bugs were fixed:

CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bsc#1030575, bsc#1031660).
CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bsc#1031440, bsc#1031481).

Список пакетов

SUSE Linux Enterprise Live Patching 12

kgraft-patch-4_4_38-93-default-5-2.1

Ссылки

https://www.suse.com/support/update/announcement/2017/suse-su-20171295-1/
Link for SUSE-SU-2017:1295-1
https://lists.suse.com/pipermail/sle-security-updates/2017-May/002876.html
E-Mail link for SUSE-SU-2017:1295-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1030575
SUSE Bug 1030575
https://bugzilla.suse.com/1031440
SUSE Bug 1031440
https://bugzilla.suse.com/1031481
SUSE Bug 1031481
https://bugzilla.suse.com/1031660
SUSE Bug 1031660
https://www.suse.com/security/cve/CVE-2017-7294/
SUSE CVE CVE-2017-7294 page
https://www.suse.com/security/cve/CVE-2017-7308/
SUSE CVE CVE-2017-7308 page

Описание

The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device.

Затронутые продукты

SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_38-93-default-5-2.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-7294.html
CVE-2017-7294
https://bugzilla.suse.com/1027179
SUSE Bug 1027179
https://bugzilla.suse.com/1031440
SUSE Bug 1031440
https://bugzilla.suse.com/1031481
SUSE Bug 1031481
https://bugzilla.suse.com/1115893
SUSE Bug 1115893

Описание

The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

Затронутые продукты

SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_38-93-default-5-2.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-7308.html
CVE-2017-7308
https://bugzilla.suse.com/1027179
SUSE Bug 1027179
https://bugzilla.suse.com/1031579
SUSE Bug 1031579
https://bugzilla.suse.com/1031660
SUSE Bug 1031660
https://bugzilla.suse.com/1115893
SUSE Bug 1115893

SUSE-SU-2017:1295-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 12

Ссылки

Уязвимость: CVE-2017-7294

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2017-7308

Описание

Затронутые продукты

Ссылки