Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP2)

Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP1)

Security update for the Linux Kernel (Live Patch 14 for SLE 12 SP2)

Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP1)

ELSA-2018-4250: Unbreakable Enterprise kernel security update (IMPORTANT)

ELSA-2018-4246: Unbreakable Enterprise kernel security update (IMPORTANT)

The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE).

Security update for the Linux Kernel

Security update for the Linux Kernel

ELSA-2018-3083: kernel security, bug fix, and enhancement update (IMPORTANT)

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel be ...

ELSA-2018-4301: Unbreakable Enterprise kernel security update (IMPORTANT)

ELSA-2018-2390: kernel security and bug fix update (IMPORTANT)

Security update for the Linux Kernel (Live Patch 16 for SLE 12 SP2)

Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP2)

The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.

The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.