Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2017:2459-1

Опубликовано: 14 сент. 2017
Источник: suse-cvrf

Описание

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP1 kernel was updated to receive the following security fixes:

  • CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel was vulnerable to a stack overflow while processing L2CAP configuration responses, resulting in a potential remote denial-of-service vulnerability but no remote code execution due to use of CONFIG_CC_STACKPROTECTOR. [bnc#1057389]

Список пакетов

SUSE Linux Enterprise Module for Public Cloud 12
kernel-ec2-3.12.74-60.64.60.1
kernel-ec2-devel-3.12.74-60.64.60.1
kernel-ec2-extra-3.12.74-60.64.60.1
SUSE Linux Enterprise Server 12 SP1-LTSS
kernel-default-3.12.74-60.64.60.1
kernel-default-base-3.12.74-60.64.60.1
kernel-default-devel-3.12.74-60.64.60.1
kernel-default-man-3.12.74-60.64.60.1
kernel-devel-3.12.74-60.64.60.1
kernel-macros-3.12.74-60.64.60.1
kernel-source-3.12.74-60.64.60.1
kernel-syms-3.12.74-60.64.60.1
kernel-xen-3.12.74-60.64.60.1
kernel-xen-base-3.12.74-60.64.60.1
kernel-xen-devel-3.12.74-60.64.60.1
kgraft-patch-3_12_74-60_64_60-default-1-2.1
kgraft-patch-3_12_74-60_64_60-xen-1-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
kernel-default-3.12.74-60.64.60.1
kernel-default-base-3.12.74-60.64.60.1
kernel-default-devel-3.12.74-60.64.60.1
kernel-devel-3.12.74-60.64.60.1
kernel-macros-3.12.74-60.64.60.1
kernel-source-3.12.74-60.64.60.1
kernel-syms-3.12.74-60.64.60.1
kernel-xen-3.12.74-60.64.60.1
kernel-xen-base-3.12.74-60.64.60.1
kernel-xen-devel-3.12.74-60.64.60.1
kgraft-patch-3_12_74-60_64_60-default-1-2.1
kgraft-patch-3_12_74-60_64_60-xen-1-2.1
SUSE OpenStack Cloud 6
kernel-default-3.12.74-60.64.60.1
kernel-default-base-3.12.74-60.64.60.1
kernel-default-devel-3.12.74-60.64.60.1
kernel-devel-3.12.74-60.64.60.1
kernel-macros-3.12.74-60.64.60.1
kernel-source-3.12.74-60.64.60.1
kernel-syms-3.12.74-60.64.60.1
kernel-xen-3.12.74-60.64.60.1
kernel-xen-base-3.12.74-60.64.60.1
kernel-xen-devel-3.12.74-60.64.60.1
kgraft-patch-3_12_74-60_64_60-default-1-2.1
kgraft-patch-3_12_74-60_64_60-xen-1-2.1

Ссылки

Описание

The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.

Затронутые продукты
SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.60.1
SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.60.1
SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.60.1
SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.60.1
Ссылки
Уязвимость SUSE-SU-2017:2459-1