[SUSE-SU-2017:0294-1] Security update for Linux Kernel Live Patch 10 for SLE 12 SP1
Security update for Linux Kernel Live Patch 10 for SLE 12 SP1
This update for the Linux Kernel 3.12.67-60_64_21 fixes several issues.
The following security bugs were fixed:
- CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543).
- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271).
- ID
- SUSE-SU-2017:0294-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2017/suse-su-20170294-1/
- Published
-
2017-01-26T16:03:25
(7 years ago) - Modified
-
2017-01-26T16:03:25
(7 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2017-782
- ELSA-2017-0817
- ELSA-2017-1842
- ELSA-2017-3508
- ELSA-2017-3509
- ELSA-2017-3510
- ELSA-2017-3514
- FEDORA-2016-107f03cc00
- FEDORA-2016-5aff4a6bbc
- FEDORA-2016-5cb5b4082d
- RHSA-2016:2574
- RHSA-2017:0817
- RHSA-2017:1842
- RHSA-2017:2077
- SUSE-SU-2016:3146-1
- SUSE-SU-2016:3188-1
- SUSE-SU-2016:3203-1
- SUSE-SU-2016:3217-1
- SUSE-SU-2016:3248-1
- SUSE-SU-2016:3252-1
- SUSE-SU-2017:0226-1
- SUSE-SU-2017:0227-1
- SUSE-SU-2017:0228-1
- SUSE-SU-2017:0229-1
- SUSE-SU-2017:0230-1
- SUSE-SU-2017:0231-1
- SUSE-SU-2017:0233-1
- SUSE-SU-2017:0234-1
- SUSE-SU-2017:0235-1
- SUSE-SU-2017:0244-1
- SUSE-SU-2017:0245-1
- SUSE-SU-2017:0246-1
- SUSE-SU-2017:0247-1
- SUSE-SU-2017:0248-1
- SUSE-SU-2017:0249-1
- SUSE-SU-2017:0267-1
- SUSE-SU-2017:0268-1
- SUSE-SU-2017:0278-1
- SUSE-SU-2017:0293-1
- SUSE-SU-2017:0407-1
- SUSE-SU-2017:1102-1
- USN-3167-1
- USN-3167-2
- USN-3168-1
- USN-3168-2
- USN-3169-1
- USN-3169-2
- USN-3169-3
- USN-3169-4
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0294-1.json | |
Suse | URL for SUSE-SU-2017:0294-1 | https://www.suse.com/support/update/announcement/2017/suse-su-20170294-1/ | |
Suse | E-Mail link for SUSE-SU-2017:0294-1 | https://lists.suse.com/pipermail/sle-security-updates/2017-January/002601.html | |
Bugzilla | SUSE Bug 1013543 | https://bugzilla.suse.com/1013543 | |
Bugzilla | SUSE Bug 1013604 | https://bugzilla.suse.com/1013604 | |
Bugzilla | SUSE Bug 1014271 | https://bugzilla.suse.com/1014271 | |
CVE | SUSE CVE CVE-2016-9576 page | https://www.suse.com/security/cve/CVE-2016-9576/ | |
CVE | SUSE CVE CVE-2016-9794 page | https://www.suse.com/security/cve/CVE-2016-9794/ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |