Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:1034-1

Опубликовано: 20 апр. 2018
Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-60_64_63 fixes several issues.

The following security issues were fixed:

  • CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. (bsc#1085447).
  • CVE-2018-1068: A flaw was found in the Linux kernels implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory (bsc#1085114).
  • CVE-2018-1000004: A race condition vulnerability existed in the sound system, which could lead to a deadlock and denial of service condition (bsc#1076017)

Список пакетов

SUSE Linux Enterprise Server 12 SP1-LTSS
kgraft-patch-3_12_74-60_64_63-default-4-2.1
kgraft-patch-3_12_74-60_64_63-xen-4-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
kgraft-patch-3_12_74-60_64_63-default-4-2.1
kgraft-patch-3_12_74-60_64_63-xen-4-2.1

Ссылки

Описание

An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-4-2.1
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-4-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-4-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-4-2.1
Ссылки

Описание

In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-4-2.1
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-4-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-4-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-4-2.1
Ссылки

Описание

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-4-2.1
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-4-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-4-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-4-2.1
Ссылки

Описание

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-4-2.1
SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-4-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-4-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-4-2.1
Ссылки