Описание
Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP3)
This update for the Linux Kernel 4.4.103-6_38 fixes one issue.
The following security issue was fixed:
- CVE-2018-5848: Fixed an unsigned integer overflow in wmi_set_ie. This could lead to a buffer overflow (bsc#1097356).
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP3
kgraft-patch-4_4_126-94_22-default-9-2.1
kgraft-patch-4_4_120-94_17-default-9-2.1
kgraft-patch-4_4_114-94_11-default-10-2.1
kgraft-patch-4_4_103-6_33-default-12-2.1
kgraft-patch-4_4_131-94_29-default-7-2.1
kgraft-patch-4_4_132-94_33-default-7-2.1
kgraft-patch-4_4_114-94_14-default-10-2.1
kgraft-patch-4_4_103-6_38-default-12-2.1
Ссылки
- Link for SUSE-SU-2018:4208-1
- E-Mail link for SUSE-SU-2018:4208-1
- SUSE Security Ratings
- SUSE Bug 1115339
- SUSE CVE CVE-2018-5848 page
Описание
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-12-2.1
SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_38-default-12-2.1
SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-10-2.1
SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_14-default-10-2.1
Ссылки
- CVE-2018-5848
- SUSE Bug 1087082
- SUSE Bug 1097356
- SUSE Bug 1105412
- SUSE Bug 1115339