[SUSE-SU-2016:3104-1] Security update for Linux Kernel Live Patch 4 for SLE 12 SP1
Security update for Linux Kernel Live Patch 4 for SLE 12 SP1
This update for the Linux Kernel 3.12.57-60_35 fixes several issues.
The following security bugs were fixed:
- CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012759).
- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bsc#1012183).
- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003253).
- ID
- SUSE-SU-2016:3104-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2016/suse-su-20163104-1/
- Published
-
2016-12-12T15:05:13
(7 years ago) - Modified
-
2016-12-12T15:05:13
(7 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2016-694
-
ALAS-2016-772
-
ASA-201612-6
-
ASA-201612-7
-
ASA-201612-8
-
ELSA-2016-2962
-
ELSA-2016-3648
-
ELSA-2016-3651
-
ELSA-2016-3652
-
ELSA-2016-3655
-
ELSA-2016-3656
-
ELSA-2016-3657
-
ELSA-2017-0036
-
ELSA-2017-0086
-
ELSA-2017-0307
-
ELSA-2017-0386
-
ELSA-2017-3508
-
ELSA-2017-3509
-
FEDORA-2016-107f03cc00
-
FEDORA-2016-5aff4a6bbc
-
FEDORA-2016-5cb5b4082d
-
RHSA-2017:0036
-
RHSA-2017:0086
-
RHSA-2017:0091
-
RHSA-2017:0307
-
RHSA-2017:0386
-
RHSA-2017:0387
-
SSA:2016-347-01
-
SUSE-SU-2016:2976-1
-
SUSE-SU-2016:3039-1
-
SUSE-SU-2016:3049-1
-
SUSE-SU-2016:3063-1
-
SUSE-SU-2016:3093-1
-
SUSE-SU-2016:3094-1
-
SUSE-SU-2016:3096-1
-
SUSE-SU-2016:3098-1
-
SUSE-SU-2016:3100-1
-
SUSE-SU-2016:3109-1
-
SUSE-SU-2016:3111-1
-
SUSE-SU-2016:3112-1
-
SUSE-SU-2016:3113-1
-
SUSE-SU-2016:3116-1
-
SUSE-SU-2016:3117-1
-
SUSE-SU-2016:3119-1
-
SUSE-SU-2016:3169-1
-
SUSE-SU-2016:3183-1
-
SUSE-SU-2016:3197-1
-
SUSE-SU-2016:3205-1
-
SUSE-SU-2016:3206-1
-
SUSE-SU-2016:3247-1
-
SUSE-SU-2016:3249-1
-
SUSE-SU-2017:0333-1
-
SUSE-SU-2017:0407-1
-
SUSE-SU-2017:0437-1
-
SUSE-SU-2017:0494-1
-
SUSE-SU-2017:0575-1
-
SUSE-SU-2017:1102-1
-
SUSE-SU-2017:1247-1
-
SUSE-SU-2017:1360-1
-
SUSE-SU-2017:1990-1
-
SUSE-SU-2017:2342-1
-
USN-3126-1
-
USN-3126-2
-
USN-3149-1
-
USN-3149-2
-
USN-3150-1
-
USN-3150-2
-
USN-3151-1
-
USN-3151-2
-
USN-3151-3
-
USN-3151-4
-
USN-3152-1
-
USN-3152-2
-
USN-3161-1
-
USN-3161-2
-
USN-3161-3
-
USN-3161-4
-
USN-3162-1
-
USN-3162-2
-
USN-3187-1
-
USN-3187-2
-
USN-3188-1
-
USN-3188-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2016:3104-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2016:3104-1 |
|
|
| Bugzilla | SUSE Bug 1003253 |
|
|
| Bugzilla | SUSE Bug 1012183 |
|
|
| Bugzilla | SUSE Bug 1012759 |
|
|
| CVE | SUSE CVE CVE-2016-7117 page |
|
|
| CVE | SUSE CVE CVE-2016-8655 page |
|
|
| CVE | SUSE CVE CVE-2016-9555 page |
|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |