[SUSE-SU-2017:2065-1] Security update for Linux Kernel Live Patch 4 for SLE 12 SP2
Severity: Important
CVEs: 7
Security update for Linux Kernel Live Patch 4 for SLE 12 SP2
This update for the Linux Kernel 4.4.38-93 fixes several issues.
The following security bugs were fixed:
- CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751).
- CVE-2017-8797: The NFSv4 server in the Linux kernel did not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used as an array index for dereferencing, which leads to an OOPS and eventually a DoS of knfsd and a soft-lockup of the whole system (bsc#1046202).
- CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191).
- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575).
- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892).
- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bsc#1042364).
- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bsc#1038564).
- ID: SUSE-SU-2017:2065-1
- Severity: important
- URL: https://www.suse.com/support/update/announcement/2017/suse-su-20172065-1/
- Published: 2017-08-07T08:08:28
- Modified: 2017-08-07T08:08:28
- Rights: Copyright 2024 SUSE LLC. All rights reserved.

Other Advisories:
- ALAS-2017-846
- ALAS-2017-870
- ASA-201703-13
- ASA-201703-6
- ASA-201703-8
- DSA-3804-1
- DSA-3886-1
- DSA-3927-1
- DSA-3945-1
- ELSA-2017-0892
- ELSA-2017-0933
- ELSA-2017-1615
- ELSA-2017-1842
- ELSA-2017-2473
- ELSA-2017-3533
- ELSA-2017-3534
- ELSA-2017-3535
- ELSA-2017-3574
- ELSA-2017-3575
- ELSA-2017-3576
- ELSA-2017-3589
- ELSA-2017-3590
- ELSA-2017-3591
- ELSA-2017-3595
- ELSA-2017-3605
- ELSA-2017-3606
- ELSA-2017-3607
- ELSA-2017-3636
- ELSA-2017-3637
- ELSA-2018-1319
- ELSA-2018-1854
- FEDORA-2017-0aa0f69e0c
- FEDORA-2017-273b67d5ee
- FEDORA-2017-6554692044
- FEDORA-2017-6f06be3fe9
- FEDORA-2017-73f71456d7
- FEDORA-2017-7462231059
- FEDORA-2017-85744f8aa9
- FEDORA-2017-adc7d95627
- FEDORA-2018-4ca01704a2
- FEDORA-2018-6367a17aa3
- FEDORA-2018-884a105c04
- RHSA-2017:0892
- RHSA-2017:0931
- RHSA-2017:0933
- RHSA-2017:1615
- RHSA-2017:1616
- RHSA-2017:1842
- RHSA-2017:2077
- RHSA-2017:2473
- RHSA-2017:2585
- RHSA-2018:1319
- RHSA-2018:1854
- SUSE-SU-2017:0864-1
- SUSE-SU-2017:0865-1
- SUSE-SU-2017:0866-1
- SUSE-SU-2017:0912-1
- SUSE-SU-2017:0913-1
- SUSE-SU-2017:1360-1
- SUSE-SU-2017:1853-1
- SUSE-SU-2017:1990-1
- SUSE-SU-2017:2041-1
- SUSE-SU-2017:2042-1
- SUSE-SU-2017:2043-1
- SUSE-SU-2017:2046-1
- SUSE-SU-2017:2049-1
- SUSE-SU-2017:2060-1
- SUSE-SU-2017:2061-1
- SUSE-SU-2017:2062-1
- SUSE-SU-2017:2063-1
- SUSE-SU-2017:2064-1
- SUSE-SU-2017:2066-1
- SUSE-SU-2017:2067-1
- SUSE-SU-2017:2068-1
- SUSE-SU-2017:2069-1
- SUSE-SU-2017:2070-1
- SUSE-SU-2017:2072-1
- SUSE-SU-2017:2073-1
- SUSE-SU-2017:2074-1
- SUSE-SU-2017:2088-1
- SUSE-SU-2017:2089-1
- SUSE-SU-2017:2090-1
- SUSE-SU-2017:2091-1
- SUSE-SU-2017:2092-1
- SUSE-SU-2017:2093-1
- SUSE-SU-2017:2094-1
- SUSE-SU-2017:2095-1
- SUSE-SU-2017:2096-1
- SUSE-SU-2017:2098-1
- SUSE-SU-2017:2099-1
- SUSE-SU-2017:2100-1
- SUSE-SU-2017:2102-1
- SUSE-SU-2017:2103-1
- SUSE-SU-2017:2114-1
- SUSE-SU-2017:2286-1
- SUSE-SU-2017:2342-1
- SUSE-SU-2017:2389-1
- SUSE-SU-2017:2446-1
- SUSE-SU-2017:2447-1
- SUSE-SU-2017:2448-1
- SUSE-SU-2017:2475-1
- SUSE-SU-2017:2476-1
- SUSE-SU-2017:2497-1
- SUSE-SU-2017:2525-1
- SUSE-SU-2017:2775-1
- SUSE-SU-2017:2791-1
- SUSE-SU-2017:2908-1
- SUSE-SU-2017:2920-1
- SUSE-SU-2017:2956-1
- USN-3218-1
- USN-3219-1
- USN-3219-2
- USN-3220-1
- USN-3220-2
- USN-3220-3
- USN-3221-1
- USN-3221-2
- USN-3312-1
- USN-3312-2
- USN-3314-1
- USN-3342-1
- USN-3342-2
- USN-3343-1
- USN-3343-2
- USN-3344-1
- USN-3344-2
- USN-3345-1
- USN-3361-1
- USN-3377-1
- USN-3377-2
- USN-3378-1
- USN-3378-2
- USN-3754-1