Описание
Security update for the Linux Kernel (Live Patch 29 for SLE 12)
This update for the Linux Kernel 3.12.61-52_106 fixes several issues.
The following security issue was fixed:
- CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bsc#1064388)
Список пакетов
SUSE Linux Enterprise Server 12-LTSS
kgraft-patch-3_12_61-52_106-default-2-2.1
kgraft-patch-3_12_61-52_106-xen-2-2.1
Ссылки
- Link for SUSE-SU-2017:3315-1
- E-Mail link for SUSE-SU-2017:3315-1
- SUSE Security Ratings
- SUSE Bug 1064388
- SUSE Bug 1064392
- SUSE CVE CVE-2017-15649 page
Описание
net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.
Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_106-default-2-2.1
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_106-xen-2-2.1
Ссылки
- CVE-2017-15649
- SUSE Bug 1064388
- SUSE Bug 1064392
- SUSE Bug 1087082