Описание
Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP1)
This update for the Linux Kernel 3.12.74-60_64_82 fixes several issues.
The following security issues were fixed:
- CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. (bsc#1085447).
- CVE-2018-1068: A flaw was found in the Linux kernels implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory (bsc#1085114).
- CVE-2018-7566: The Linux kernel had a buffer overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user (bsc#1083488).
Список пакетов
SUSE Linux Enterprise Server 12 SP1-LTSS
kgraft-patch-3_12_74-60_64_82-default-2-2.1
kgraft-patch-3_12_74-60_64_82-xen-2-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
kgraft-patch-3_12_74-60_64_82-default-2-2.1
kgraft-patch-3_12_74-60_64_82-xen-2-2.1
Ссылки
- Link for SUSE-SU-2018:1026-1
- E-Mail link for SUSE-SU-2018:1026-1
- SUSE Security Ratings
- SUSE Bug 1083488
- SUSE Bug 1085114
- SUSE Bug 1085447
- SUSE CVE CVE-2017-13166 page
- SUSE CVE CVE-2018-1068 page
- SUSE CVE CVE-2018-7566 page
Описание
An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_82-default-2-2.1
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_82-xen-2-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_82-default-2-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_82-xen-2-2.1
Ссылки
- CVE-2017-13166
- SUSE Bug 1072865
- SUSE Bug 1085447
- SUSE Bug 1087082
- SUSE Bug 1091815
Описание
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_82-default-2-2.1
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_82-xen-2-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_82-default-2-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_82-xen-2-2.1
Ссылки
- CVE-2018-1068
- SUSE Bug 1085107
- SUSE Bug 1085114
- SUSE Bug 1087082
- SUSE Bug 1123903
Описание
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_82-default-2-2.1
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_82-xen-2-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_82-default-2-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_82-xen-2-2.1
Ссылки
- CVE-2018-7566
- SUSE Bug 1083483
- SUSE Bug 1083488
- SUSE Bug 1087082
- SUSE Bug 1091815