Описание
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 kernel was updated to 3.12.61 to receive the following security update:
- CVE-2017-7533: Bug in inotify code allowed privilege escalation (bnc#1049483).
Список пакетов
SUSE Linux Enterprise Module for Public Cloud 12
kernel-ec2-3.12.61-52.83.1
kernel-ec2-devel-3.12.61-52.83.1
kernel-ec2-extra-3.12.61-52.83.1
SUSE Linux Enterprise Server 12-LTSS
kernel-default-3.12.61-52.83.1
kernel-default-base-3.12.61-52.83.1
kernel-default-devel-3.12.61-52.83.1
kernel-default-man-3.12.61-52.83.1
kernel-devel-3.12.61-52.83.1
kernel-macros-3.12.61-52.83.1
kernel-source-3.12.61-52.83.1
kernel-syms-3.12.61-52.83.1
kernel-xen-3.12.61-52.83.1
kernel-xen-base-3.12.61-52.83.1
kernel-xen-devel-3.12.61-52.83.1
kgraft-patch-3_12_61-52_83-default-1-2.1
kgraft-patch-3_12_61-52_83-xen-1-2.1
SUSE Linux Enterprise Server for SAP Applications 12
kernel-default-3.12.61-52.83.1
kernel-default-base-3.12.61-52.83.1
kernel-default-devel-3.12.61-52.83.1
kernel-devel-3.12.61-52.83.1
kernel-macros-3.12.61-52.83.1
kernel-source-3.12.61-52.83.1
kernel-syms-3.12.61-52.83.1
kernel-xen-3.12.61-52.83.1
kernel-xen-base-3.12.61-52.83.1
kernel-xen-devel-3.12.61-52.83.1
kgraft-patch-3_12_61-52_83-default-1-2.1
kgraft-patch-3_12_61-52_83-xen-1-2.1
Ссылки
- Link for SUSE-SU-2017:2074-1
- E-Mail link for SUSE-SU-2017:2074-1
- SUSE Security Ratings
- SUSE Bug 1049483
- SUSE CVE CVE-2017-7533 page
Описание
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.
Затронутые продукты
SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.83.1
SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.83.1
SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.83.1
SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.83.1
Ссылки
- CVE-2017-7533
- SUSE Bug 1049483
- SUSE Bug 1050677
- SUSE Bug 1050751
- SUSE Bug 1053919