SUSE-SU-2018:1225-1

Опубликовано: 11 мая 2018

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 10 for SLE 12 SP3)

This update for the Linux Kernel 4.4.120-94_17 fixes one issue.

The following security issue was fixed:

CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could lead to memory corruption, possibly a denial of service or privilege escalation (bsc#1090036).

Список пакетов

SUSE Linux Enterprise Live Patching 12 SP3

kgraft-patch-4_4_120-94_17-default-2-2.2

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20181225-1/
Link for SUSE-SU-2018:1225-1
https://lists.suse.com/pipermail/sle-security-updates/2018-May/004002.html
E-Mail link for SUSE-SU-2018:1225-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1090036
SUSE Bug 1090036
https://www.suse.com/security/cve/CVE-2018-1000199/
SUSE CVE CVE-2018-1000199 page

Описание

The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.

Затронутые продукты

SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_120-94_17-default-2-2.2

Ссылки

https://www.suse.com/security/cve/CVE-2018-1000199.html
CVE-2018-1000199
https://bugzilla.suse.com/1089895
SUSE Bug 1089895
https://bugzilla.suse.com/1090036
SUSE Bug 1090036

SUSE-SU-2018:1225-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 12 SP3

Ссылки

Уязвимость: CVE-2018-1000199

Описание

Затронутые продукты

Ссылки