SUSE-SU-2018:2940-1

Опубликовано: 28 сент. 2018

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 1 for SLE 15)

This update for the Linux Kernel 4.12.14-25_3 fixes several issues.

The following security issues were fixed:

CVE-2018-10938: It was found that a crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system an attacker could leverage this flaw.
CVE-2018-10902: It was found that the raw midi kernel driver did not protect against concurrent access which lead to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(), allowing a malicious local attacker to use this for privilege escalation (bsc#1105323).

Список пакетов

SUSE Linux Enterprise Live Patching 15

kernel-livepatch-4_12_14-23-default-4-10.2

kernel-livepatch-4_12_14-25_3-default-4-2.1

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20182940-1/
Link for SUSE-SU-2018:2940-1
https://lists.suse.com/pipermail/sle-security-updates/2018-September/004625.html
E-Mail link for SUSE-SU-2018:2940-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1105323
SUSE Bug 1105323
https://bugzilla.suse.com/1106191
SUSE Bug 1106191
https://www.suse.com/security/cve/CVE-2018-10902/
SUSE CVE CVE-2018-10902 page
https://www.suse.com/security/cve/CVE-2018-10938/
SUSE CVE CVE-2018-10938 page

Описание

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-23-default-4-10.2

SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-4-2.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-10902.html
CVE-2018-10902
https://bugzilla.suse.com/1105322
SUSE Bug 1105322
https://bugzilla.suse.com/1105323
SUSE Bug 1105323

Описание

A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-23-default-4-10.2

SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-4-2.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-10938.html
CVE-2018-10938
https://bugzilla.suse.com/1106016
SUSE Bug 1106016
https://bugzilla.suse.com/1106191
SUSE Bug 1106191

SUSE-SU-2018:2940-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 15

Ссылки

Уязвимость: CVE-2018-10902

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2018-10938

Описание

Затронутые продукты

Ссылки