SUSE-SU-2018:2963-1

Published: 01 Oct 2018
Source: suse-cvrf

Description

Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP3)

This update for the Linux Kernel 4.4.140-94_42 fixes several issues.

The following security issues were fixed:

  • CVE-2018-5390: Prevent very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming TCP packet which can lead to a denial of service (bsc#1102682).
  • CVE-2018-10938: Fixed an infinite loop in the cipso_v4_optptr() function leading to a denial-of-service via crafted network packets (bsc#1106191).
  • CVE-2018-10902: It was found that the raw midi kernel driver did not protect against concurrent access, which led to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(), allowing a malicious local attacker to use this for privilege escalation (bsc#1105323).
  • CVE-2018-3646: Fixed unauthorized disclosure of information residing in the L1 data cache on systems with microprocessors utilizing speculative execution and address translations (bsc#1099306).

Package list

SUSE Linux Enterprise Live Patching 12 SP3
kgraft-patch-4_4_138-94_39-default-3-2.1
kgraft-patch-4_4_140-94_42-default-3-2.1

Description

It was found that the raw midi kernel driver does not protect against concurrent access, which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(), which are part of the snd_rawmidi_ioctl() handler in the rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.


Affected products
SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1
SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1

References

Description

A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.


Affected products
SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1
SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1

References

Description

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.


Affected products
SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1
SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1

References

Description

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.


Affected products
SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1
SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1

References
Vulnerability SUSE-SU-2018:2963-1