Описание
Security update for the Linux Kernel (Live Patch 14 for SLE 12 SP2)
This update for the Linux Kernel 4.4.90-92_45 fixes several issues.
The following security issues were fixed:
- CVE-2017-17712: The raw_sendmsg() function had a race condition that lead to uninitialized stack pointer usage. This allowed a local user to execute code and gain privileges (bsc#1073230).
- CVE-2017-16939: The XFRM dump policy implementation allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages (bsc#1069708).
Список пакетов
SUSE Linux Enterprise Live Patching 12
kgraft-patch-4_4_90-92_45-default-3-2.1
Ссылки
- Link for SUSE-SU-2018:0281-1
- E-Mail link for SUSE-SU-2018:0281-1
- SUSE Security Ratings
- SUSE Bug 1069708
- SUSE Bug 1070307
- SUSE Bug 1073230
- SUSE CVE CVE-2017-16939 page
- SUSE CVE CVE-2017-17712 page
Описание
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_90-92_45-default-3-2.1
Ссылки
- CVE-2017-16939
- SUSE Bug 1069702
- SUSE Bug 1069708
- SUSE Bug 1115893
- SUSE Bug 1120260
Описание
The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_90-92_45-default-3-2.1
Ссылки
- CVE-2017-17712
- SUSE Bug 1073229
- SUSE Bug 1073230