[SUSE-SU-2016:2007-1] Security update for Linux Kernel Live Patch 3 for SLE 12 SP1
This update for the Linux Kernel 3.12.53-60_30 fixes several issues.
These security issues were fixed:
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).
- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).
This non-security issue was fixed:
- bsc#973570: The fix for CVE-2013-7446 introduced a bug that could possibly have led to a softlockup.
- ID: SUSE-SU-2016:2007-1
- Severity: important
- URL: https://www.suse.com/support/update/announcement/2016/suse-su-20162007-1/
- Published: 2016-08-09T11:25:25
- Modified: 2016-08-09T11:25:25
- Rights: Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories:
- ALAS-2016-694
- ALAS-2016-703
- ALAS-2016-726
- DSA-3426-1
- DSA-3503-1
- DSA-3607-1
- ELSA-2016-1033
- ELSA-2016-1277
- ELSA-2016-1406
- ELSA-2016-1539
- ELSA-2016-1847
- ELSA-2016-2006
- ELSA-2016-2124
- ELSA-2016-2574
- ELSA-2016-2766
- ELSA-2016-3559
- ELSA-2016-3565
- ELSA-2016-3570
- ELSA-2016-3572
- ELSA-2016-3573
- ELSA-2016-3579
- ELSA-2016-3591
- ELSA-2016-3592
- ELSA-2016-3593
- ELSA-2016-3596
- ELSA-2016-3623
- ELSA-2016-3624
- ELSA-2016-3625
- ELSA-2016-3635
- ELSA-2016-3636
- ELSA-2016-3644
- ELSA-2016-3645
- ELSA-2016-3646
- ELSA-2017-3515
- ELSA-2017-3516
- ELSA-2019-4644
- FEDORA-2015-c1c2f5e168
- FEDORA-2015-c59710b05d
- FEDORA-2016-02ed08bf15
- FEDORA-2016-06f1572324
- FEDORA-2016-1c409313f4
- FEDORA-2016-3a57b19360
- FEDORA-2016-63ee0999e4
- FEDORA-2016-73a733f4d9
- FEDORA-2016-81fd1b03aa
- FEDORA-2016-84fdc82b74
- FEDORA-2016-f8739a80b0
- RHSA-2016:1033
- RHSA-2016:1051
- RHSA-2016:1277
- RHSA-2016:1301
- RHSA-2016:1406
- RHSA-2016:1539
- RHSA-2016:1541
- RHSA-2016:1847
- RHSA-2016:1875
- RHSA-2016:2006
- RHSA-2016:2574
- RHSA-2016:2584
- RHSA-2016:2766
- SUSE-SU-2016:0585-1
- SUSE-SU-2016:0745-1
- SUSE-SU-2016:0746-1
- SUSE-SU-2016:0747-1
- SUSE-SU-2016:0749-1
- SUSE-SU-2016:0750-1
- SUSE-SU-2016:0751-1
- SUSE-SU-2016:0752-1
- SUSE-SU-2016:0753-1
- SUSE-SU-2016:0754-1
- SUSE-SU-2016:0755-1
- SUSE-SU-2016:0756-1
- SUSE-SU-2016:0757-1
- SUSE-SU-2016:0785-1
- SUSE-SU-2016:0911-1
- SUSE-SU-2016:1019-1
- SUSE-SU-2016:1102-1
- SUSE-SU-2016:1203-1
- SUSE-SU-2016:1596-1
- SUSE-SU-2016:1672-1
- SUSE-SU-2016:1690-1
- SUSE-SU-2016:1696-1
- SUSE-SU-2016:1707-1
- SUSE-SU-2016:1764-1
- SUSE-SU-2016:1937-1
- SUSE-SU-2016:1961-1
- SUSE-SU-2016:1985-1
- SUSE-SU-2016:1994-1
- SUSE-SU-2016:1995-1
- SUSE-SU-2016:1998-1
- SUSE-SU-2016:1999-1
- SUSE-SU-2016:2000-1
- SUSE-SU-2016:2001-1
- SUSE-SU-2016:2002-1
- SUSE-SU-2016:2003-1
- SUSE-SU-2016:2005-1
- SUSE-SU-2016:2006-1
- SUSE-SU-2016:2009-1
- SUSE-SU-2016:2010-1
- SUSE-SU-2016:2011-1
- SUSE-SU-2016:2014-1
- SUSE-SU-2016:2018-1
- SUSE-SU-2016:2074-1
- SUSE-SU-2016:2105-1
- SUSE-SU-2016:2245-1
- SUSE-SU-2017:0333-1
- SUSE-SU-2017:0471-1
- USN-2886-1
- USN-2886-2
- USN-2887-1
- USN-2887-2
- USN-2888-1
- USN-2889-1
- USN-2889-2
- USN-2890-1
- USN-2890-2
- USN-2890-3
- USN-2929-1
- USN-2929-2
- USN-2930-1
- USN-2930-2
- USN-2930-3
- USN-2931-1
- USN-2932-1
- USN-2975-1
- USN-2975-2
- USN-2976-1
- USN-2977-1
- USN-2978-1
- USN-2978-2
- USN-2978-3
- USN-2979-1
- USN-2979-2
- USN-2979-3
- USN-2979-4
- USN-2996-1
- USN-2997-1
- USN-2998-1
- USN-2999-1
- USN-3000-1
- USN-3001-1
- USN-3002-1
- USN-3003-1
- USN-3004-1
- USN-3005-1
- USN-3006-1
- USN-3007-1
- USN-3008-1
- USN-3018-1
- USN-3018-2
- USN-3019-1
- USN-3021-1
- USN-3021-2
- USN-3049-1
- USN-3050-1
- USN-3051-1
- USN-3052-1
- USN-3053-1
- USN-3054-1
- USN-3055-1
- USN-3056-1
- USN-3057-1