Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:1001-1

Опубликовано: 20 апр. 2018
Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 27 for SLE 12)

This update for the Linux Kernel 3.12.61-52_92 fixes several issues.

The following security issues were fixed:

  • CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. (bsc#1085447).
  • CVE-2018-1068: A flaw was found in the Linux kernels implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory (bsc#1085114).
  • CVE-2018-1000004: A race condition vulnerability existed in the sound system, which could lead to a deadlock and denial of service condition (bsc#1076017)

Список пакетов

SUSE Linux Enterprise Server 12-LTSS
kgraft-patch-3_12_61-52_92-default-6-2.1
kgraft-patch-3_12_61-52_92-xen-6-2.1

Ссылки

Описание

An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.

Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_92-default-6-2.1
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_92-xen-6-2.1
Ссылки

Описание

In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.

Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_92-default-6-2.1
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_92-xen-6-2.1
Ссылки

Описание

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_92-default-6-2.1
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_92-xen-6-2.1
Ссылки

Описание

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_92-default-6-2.1
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_92-xen-6-2.1
Ссылки
Уязвимость SUSE-SU-2018:1001-1