SUSE-SU-2017:2114-1

Опубликовано: 09 авг. 2017

Источник: suse-cvrf

Описание

Security update for Linux Kernel Live Patch 0 for SLE 12 SP3

This update for the Linux Kernel 4.4.73-5 fixes one issue.

The following security bugs were fixed:

CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751).

Список пакетов

SUSE Linux Enterprise Live Patching 12 SP3

kgraft-patch-4_4_73-5-default-2-2.3.2

Ссылки

https://www.suse.com/support/update/announcement/2017/suse-su-20172114-1/
Link for SUSE-SU-2017:2114-1
https://lists.suse.com/pipermail/sle-security-updates/2017-August/003124.html
E-Mail link for SUSE-SU-2017:2114-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1050751
SUSE Bug 1050751
https://www.suse.com/security/cve/CVE-2017-7533/
SUSE CVE CVE-2017-7533 page

Описание

Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.

Затронутые продукты

SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_73-5-default-2-2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2017-7533.html
CVE-2017-7533
https://bugzilla.suse.com/1049483
SUSE Bug 1049483
https://bugzilla.suse.com/1050677
SUSE Bug 1050677
https://bugzilla.suse.com/1050751
SUSE Bug 1050751
https://bugzilla.suse.com/1053919
SUSE Bug 1053919

SUSE-SU-2017:2114-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 12 SP3

Ссылки

Уязвимость: CVE-2017-7533

Описание

Затронутые продукты

Ссылки