Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:1016-1

Опубликовано: 20 апр. 2018
Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 31 for SLE 12)

This update for the Linux Kernel 3.12.61-52_119 fixes several issues.

The following security issues were fixed:

  • CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. (bsc#1085447).
  • CVE-2018-1068: A flaw was found in the Linux kernels implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory (bsc#1085114).
  • CVE-2018-7566: The Linux kernel had a buffer overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user (bsc#1083488).

Список пакетов

SUSE Linux Enterprise Server 12-LTSS
kgraft-patch-3_12_61-52_119-default-3-2.1
kgraft-patch-3_12_61-52_119-xen-3-2.1

Ссылки

Описание

An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.

Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_119-default-3-2.1
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_119-xen-3-2.1
Ссылки

Описание

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_119-default-3-2.1
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_119-xen-3-2.1
Ссылки

Описание

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_119-default-3-2.1
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_119-xen-3-2.1
Ссылки