[SUSE-SU-2016:3104-1] Security update for Linux Kernel Live Patch 4 for SLE 12 SP1
Security update for Linux Kernel Live Patch 4 for SLE 12 SP1
This update for the Linux Kernel 3.12.57-60_35 fixes several issues.
The following security bugs were fixed:
- CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012759).
- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bsc#1012183).
- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003253).
- ID
- SUSE-SU-2016:3104-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2016/suse-su-20163104-1/
- Published
-
2016-12-12T15:05:13
(7 years ago) - Modified
-
2016-12-12T15:05:13
(7 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2016-694
- ALAS-2016-772
- ASA-201612-6
- ASA-201612-7
- ASA-201612-8
- ELSA-2016-2962
- ELSA-2016-3648
- ELSA-2016-3651
- ELSA-2016-3652
- ELSA-2016-3655
- ELSA-2016-3656
- ELSA-2016-3657
- ELSA-2017-0036
- ELSA-2017-0086
- ELSA-2017-0307
- ELSA-2017-0386
- ELSA-2017-3508
- ELSA-2017-3509
- FEDORA-2016-107f03cc00
- FEDORA-2016-5aff4a6bbc
- FEDORA-2016-5cb5b4082d
- RHSA-2017:0036
- RHSA-2017:0086
- RHSA-2017:0091
- RHSA-2017:0307
- RHSA-2017:0386
- RHSA-2017:0387
- SSA:2016-347-01
- SUSE-SU-2016:2976-1
- SUSE-SU-2016:3039-1
- SUSE-SU-2016:3049-1
- SUSE-SU-2016:3063-1
- SUSE-SU-2016:3093-1
- SUSE-SU-2016:3094-1
- SUSE-SU-2016:3096-1
- SUSE-SU-2016:3098-1
- SUSE-SU-2016:3100-1
- SUSE-SU-2016:3109-1
- SUSE-SU-2016:3111-1
- SUSE-SU-2016:3112-1
- SUSE-SU-2016:3113-1
- SUSE-SU-2016:3116-1
- SUSE-SU-2016:3117-1
- SUSE-SU-2016:3119-1
- SUSE-SU-2016:3169-1
- SUSE-SU-2016:3183-1
- SUSE-SU-2016:3197-1
- SUSE-SU-2016:3205-1
- SUSE-SU-2016:3206-1
- SUSE-SU-2016:3247-1
- SUSE-SU-2016:3249-1
- SUSE-SU-2017:0333-1
- SUSE-SU-2017:0407-1
- SUSE-SU-2017:0437-1
- SUSE-SU-2017:0494-1
- SUSE-SU-2017:0575-1
- SUSE-SU-2017:1102-1
- SUSE-SU-2017:1247-1
- SUSE-SU-2017:1360-1
- SUSE-SU-2017:1990-1
- SUSE-SU-2017:2342-1
- USN-3126-1
- USN-3126-2
- USN-3149-1
- USN-3149-2
- USN-3150-1
- USN-3150-2
- USN-3151-1
- USN-3151-2
- USN-3151-3
- USN-3151-4
- USN-3152-1
- USN-3152-2
- USN-3161-1
- USN-3161-2
- USN-3161-3
- USN-3161-4
- USN-3162-1
- USN-3162-2
- USN-3187-1
- USN-3187-2
- USN-3188-1
- USN-3188-2
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_3104-1.json | |
Suse | URL for SUSE-SU-2016:3104-1 | https://www.suse.com/support/update/announcement/2016/suse-su-20163104-1/ | |
Suse | E-Mail link for SUSE-SU-2016:3104-1 | https://lists.suse.com/pipermail/sle-security-updates/2016-December/002473.html | |
Bugzilla | SUSE Bug 1003253 | https://bugzilla.suse.com/1003253 | |
Bugzilla | SUSE Bug 1012183 | https://bugzilla.suse.com/1012183 | |
Bugzilla | SUSE Bug 1012759 | https://bugzilla.suse.com/1012759 | |
CVE | SUSE CVE CVE-2016-7117 page | https://www.suse.com/security/cve/CVE-2016-7117/ | |
CVE | SUSE CVE CVE-2016-8655 page | https://www.suse.com/security/cve/CVE-2016-8655/ | |
CVE | SUSE CVE CVE-2016-9555 page | https://www.suse.com/security/cve/CVE-2016-9555/ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |