Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2017:2100-1

Опубликовано: 08 авг. 2017
Источник: suse-cvrf

Описание

Security update for Linux Kernel Live Patch 21 for SLE 12

This update for the Linux Kernel 3.12.61-52_72 fixes several issues.

The following security bugs were fixed:

  • CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751).
  • CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191).
  • A SUSE Linux Enterprise specific regression in tearing down network namespaces was fixed (bsc#1044878)
  • CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892).

Список пакетов

SUSE Linux Enterprise Server 12-LTSS
kgraft-patch-3_12_61-52_72-default-3-2.1
kgraft-patch-3_12_61-52_72-xen-3-2.1
SUSE Linux Enterprise Server for SAP Applications 12
kgraft-patch-3_12_61-52_72-default-3-2.1
kgraft-patch-3_12_61-52_72-xen-3-2.1

Ссылки

Описание

Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.

Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_72-default-3-2.1
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_72-xen-3-2.1
SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_72-default-3-2.1
SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_72-xen-3-2.1
Ссылки

Описание

The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.

Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_72-default-3-2.1
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_72-xen-3-2.1
SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_72-default-3-2.1
SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_72-xen-3-2.1
Ссылки

Описание

The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.

Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_72-default-3-2.1
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_72-xen-3-2.1
SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_72-default-3-2.1
SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_72-xen-3-2.1
Ссылки
Уязвимость SUSE-SU-2017:2100-1