Описание
Security update for Linux Kernel Live Patch 1 for SLE 12 SP3
This update for the Linux Kernel 4.4.82-6_3 fixes one issue.
The following security issue was fixed:
- CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel (BlueZ) was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space (bsc#1057950).
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP3
kgraft-patch-4_4_82-6_3-default-2-2.1
Ссылки
- Link for SUSE-SU-2017:2794-1
- E-Mail link for SUSE-SU-2017:2794-1
- SUSE Security Ratings
- SUSE Bug 1057950
- SUSE CVE CVE-2017-1000251 page
Описание
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-2-2.1
Ссылки
- CVE-2017-1000251
- SUSE Bug 1057389
- SUSE Bug 1057950
- SUSE Bug 1070535
- SUSE Bug 1072117
- SUSE Bug 1072162
- SUSE Bug 1120758