Описание
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive the following security fixes:
- CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel was vulnerable to a stack overflow while processing L2CAP configuration responses, resulting in a potential remote code execution vulnerability. [bnc#1057389]
Список пакетов
SUSE Linux Enterprise Server 11 SP4
kernel-bigmem-3.0.101-108.10.1
kernel-bigmem-base-3.0.101-108.10.1
kernel-bigmem-devel-3.0.101-108.10.1
kernel-default-3.0.101-108.10.1
kernel-default-base-3.0.101-108.10.1
kernel-default-devel-3.0.101-108.10.1
kernel-default-man-3.0.101-108.10.1
kernel-ec2-3.0.101-108.10.1
kernel-ec2-base-3.0.101-108.10.1
kernel-ec2-devel-3.0.101-108.10.1
kernel-pae-3.0.101-108.10.1
kernel-pae-base-3.0.101-108.10.1
kernel-pae-devel-3.0.101-108.10.1
kernel-ppc64-3.0.101-108.10.1
kernel-ppc64-base-3.0.101-108.10.1
kernel-ppc64-devel-3.0.101-108.10.1
kernel-source-3.0.101-108.10.1
kernel-syms-3.0.101-108.10.1
kernel-trace-3.0.101-108.10.1
kernel-trace-base-3.0.101-108.10.1
kernel-trace-devel-3.0.101-108.10.1
kernel-xen-3.0.101-108.10.1
kernel-xen-base-3.0.101-108.10.1
kernel-xen-devel-3.0.101-108.10.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
kernel-bigmem-3.0.101-108.10.1
kernel-bigmem-base-3.0.101-108.10.1
kernel-bigmem-devel-3.0.101-108.10.1
kernel-default-3.0.101-108.10.1
kernel-default-base-3.0.101-108.10.1
kernel-default-devel-3.0.101-108.10.1
kernel-default-man-3.0.101-108.10.1
kernel-ec2-3.0.101-108.10.1
kernel-ec2-base-3.0.101-108.10.1
kernel-ec2-devel-3.0.101-108.10.1
kernel-pae-3.0.101-108.10.1
kernel-pae-base-3.0.101-108.10.1
kernel-pae-devel-3.0.101-108.10.1
kernel-ppc64-3.0.101-108.10.1
kernel-ppc64-base-3.0.101-108.10.1
kernel-ppc64-devel-3.0.101-108.10.1
kernel-source-3.0.101-108.10.1
kernel-syms-3.0.101-108.10.1
kernel-trace-3.0.101-108.10.1
kernel-trace-base-3.0.101-108.10.1
kernel-trace-devel-3.0.101-108.10.1
kernel-xen-3.0.101-108.10.1
kernel-xen-base-3.0.101-108.10.1
kernel-xen-devel-3.0.101-108.10.1
SUSE Linux Enterprise Software Development Kit 11 SP4
kernel-docs-3.0.101-108.10.2
Ссылки
- Link for SUSE-SU-2017:2548-1
- E-Mail link for SUSE-SU-2017:2548-1
- SUSE Security Ratings
- SUSE Bug 1057389
- SUSE CVE CVE-2017-1000251 page
Описание
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.10.1
SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.10.1
SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.10.1
SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.10.1
Ссылки
- CVE-2017-1000251
- SUSE Bug 1057389
- SUSE Bug 1057950
- SUSE Bug 1070535
- SUSE Bug 1072117
- SUSE Bug 1072162
- SUSE Bug 1120758