[SUSE-SU-2016:2001-1] Security update for Linux Kernel Live Patch 13 for SLE 12
Security update for Linux Kernel Live Patch 13 for SLE 12
This update for the Linux Kernel 3.12.55-52_45 fixes several issues.
The following security bugs were fixed:
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bsc#973570, bsc#955837).
| Package | Affected Version |
|---|---|
 pkg:rpm/suse/kgraft-patch-3_12_55-52_45-xen?arch=x86_64&distro=sles-12
|
< 2-2.3 |
|
pkg:rpm/suse/kgraft-patch-3_12_55-52_45-default?arch=x86_64&distro=sles-12
|
< 2-2.3 |
- ID
- SUSE-SU-2016:2001-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2016/suse-su-20162001-1/
- Published
-
2016-08-09T11:23:09
(8 years ago) - Modified
-
2016-08-09T11:23:09
(8 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2016-694
-
ALAS-2016-703
-
ALAS-2016-726
-
DSA-3426-1
-
DSA-3503-1
-
DSA-3607-1
-
ELSA-2016-1033
-
ELSA-2016-1277
-
ELSA-2016-1406
-
ELSA-2016-1539
-
ELSA-2016-1847
-
ELSA-2016-2006
-
ELSA-2016-2574
-
ELSA-2016-3559
-
ELSA-2016-3565
-
ELSA-2016-3570
-
ELSA-2016-3572
-
ELSA-2016-3573
-
ELSA-2016-3579
-
ELSA-2016-3591
-
ELSA-2016-3592
-
ELSA-2016-3593
-
ELSA-2016-3596
-
ELSA-2016-3623
-
ELSA-2016-3624
-
ELSA-2016-3625
-
ELSA-2016-3644
-
ELSA-2016-3645
-
ELSA-2017-3515
-
ELSA-2017-3516
-
FEDORA-2015-c1c2f5e168
-
FEDORA-2015-c59710b05d
-
FEDORA-2016-02ed08bf15
-
FEDORA-2016-06f1572324
-
FEDORA-2016-1c409313f4
-
FEDORA-2016-3a57b19360
-
FEDORA-2016-63ee0999e4
-
FEDORA-2016-73a733f4d9
-
FEDORA-2016-81fd1b03aa
-
FEDORA-2016-84fdc82b74
-
FEDORA-2016-f8739a80b0
-
RHSA-2016:1033
-
RHSA-2016:1051
-
RHSA-2016:1277
-
RHSA-2016:1301
-
RHSA-2016:1406
-
RHSA-2016:1539
-
RHSA-2016:1541
-
RHSA-2016:1847
-
RHSA-2016:1875
-
RHSA-2016:2006
-
RHSA-2016:2574
-
RHSA-2016:2584
-
SUSE-SU-2016:0585-1
-
SUSE-SU-2016:0745-1
-
SUSE-SU-2016:0746-1
-
SUSE-SU-2016:0747-1
-
SUSE-SU-2016:0749-1
-
SUSE-SU-2016:0750-1
-
SUSE-SU-2016:0751-1
-
SUSE-SU-2016:0752-1
-
SUSE-SU-2016:0753-1
-
SUSE-SU-2016:0754-1
-
SUSE-SU-2016:0755-1
-
SUSE-SU-2016:0756-1
-
SUSE-SU-2016:0757-1
-
SUSE-SU-2016:0785-1
-
SUSE-SU-2016:0911-1
-
SUSE-SU-2016:1019-1
-
SUSE-SU-2016:1102-1
-
SUSE-SU-2016:1203-1
-
SUSE-SU-2016:1672-1
-
SUSE-SU-2016:1690-1
-
SUSE-SU-2016:1696-1
-
SUSE-SU-2016:1707-1
-
SUSE-SU-2016:1764-1
-
SUSE-SU-2016:1937-1
-
SUSE-SU-2016:1961-1
-
SUSE-SU-2016:1985-1
-
SUSE-SU-2016:1994-1
-
SUSE-SU-2016:1995-1
-
SUSE-SU-2016:1998-1
-
SUSE-SU-2016:1999-1
-
SUSE-SU-2016:2000-1
-
SUSE-SU-2016:2002-1
-
SUSE-SU-2016:2003-1
-
SUSE-SU-2016:2005-1
-
SUSE-SU-2016:2006-1
-
SUSE-SU-2016:2007-1
-
SUSE-SU-2016:2009-1
-
SUSE-SU-2016:2010-1
-
SUSE-SU-2016:2011-1
-
SUSE-SU-2016:2014-1
-
SUSE-SU-2016:2018-1
-
SUSE-SU-2016:2074-1
-
SUSE-SU-2016:2105-1
-
SUSE-SU-2016:2245-1
-
SUSE-SU-2017:0333-1
-
SUSE-SU-2017:0471-1
-
USN-2886-1
-
USN-2886-2
-
USN-2887-1
-
USN-2887-2
-
USN-2888-1
-
USN-2889-1
-
USN-2889-2
-
USN-2890-1
-
USN-2890-2
-
USN-2890-3
-
USN-2929-1
-
USN-2929-2
-
USN-2930-1
-
USN-2930-2
-
USN-2930-3
-
USN-2931-1
-
USN-2932-1
-
USN-2975-1
-
USN-2975-2
-
USN-2976-1
-
USN-2977-1
-
USN-2978-1
-
USN-2978-2
-
USN-2978-3
-
USN-2979-1
-
USN-2979-2
-
USN-2979-3
-
USN-2979-4
-
USN-3001-1
-
USN-3002-1
-
USN-3003-1
-
USN-3004-1
-
USN-3005-1
-
USN-3006-1
-
USN-3007-1
-
USN-3018-1
-
USN-3018-2
-
USN-3019-1
-
USN-3021-1
-
USN-3021-2
-
USN-3049-1
-
USN-3050-1
-
USN-3051-1
-
USN-3052-1
-
USN-3053-1
-
USN-3054-1
-
USN-3055-1
-
USN-3056-1
-
USN-3057-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/kgraft-patch-3_12_55-52_45-xen?arch=x86_64&distro=sles-12 | suse |
kgraft-patch-3_12_55-52_45-xen
|
< 2-2.3 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/kgraft-patch-3_12_55-52_45-default?arch=x86_64&distro=sles-12 | suse |
kgraft-patch-3_12_55-52_45-default
|
< 2-2.3 | sles-12 | x86_64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |