[SUSE-SU-2017:2447-1] Security update for Linux Kernel Live Patch 18 for SLE 12 SP1
Severity
Important
Affected Packages
2
CVEs
3
Security update for Linux Kernel Live Patch 18 for SLE 12 SP1
This update for the Linux Kernel 3.12.74-60_64_51 fixes several issues.
The following security bugs were fixed:
- CVE-2017-1000112: Prevent a race condition in net-packet code that could have been exploited by unprivileged users to gain root access (bsc#1052368).
- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel was too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1038564, bsc#1042892).
- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bsc#1038564).
| Package | Affected Version |
|---|---|
 pkg:rpm/suse/kgraft-patch-3_12_74-60_64_51-xen?arch=x86_64&distro=sles-12&sp=1
|
< 2-2.1 |
|
pkg:rpm/suse/kgraft-patch-3_12_74-60_64_51-default?arch=x86_64&distro=sles-12&sp=1
|
< 2-2.1 |
- ID
- SUSE-SU-2017:2447-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2017/suse-su-20172447-1/
- Published
-
2017-09-13T10:33:49
(7 years ago) - Modified
-
2017-09-13T10:33:49
(7 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2017-846
-
ALAS-2017-868
-
DSA-3886-1
-
DSA-3981-1
-
ELSA-2017-1842
-
ELSA-2017-2930
-
ELSA-2017-3200
-
ELSA-2017-3574
-
ELSA-2017-3575
-
ELSA-2017-3576
-
ELSA-2017-3605
-
ELSA-2017-3606
-
ELSA-2017-3607
-
ELSA-2017-3631
-
ELSA-2018-1854
-
FEDORA-2017-273b67d5ee
-
FEDORA-2017-4336d64e21
-
FEDORA-2017-6554692044
-
FEDORA-2017-6f06be3fe9
-
FEDORA-2017-73f71456d7
-
FEDORA-2017-85744f8aa9
-
FEDORA-2018-4ca01704a2
-
FEDORA-2018-6367a17aa3
-
FEDORA-2018-884a105c04
-
RHSA-2017:1842
-
RHSA-2017:2077
-
RHSA-2017:2930
-
RHSA-2017:2931
-
RHSA-2017:3200
-
RHSA-2018:1854
-
SUSE-SU-2017:1853-1
-
SUSE-SU-2017:1990-1
-
SUSE-SU-2017:2043-1
-
SUSE-SU-2017:2046-1
-
SUSE-SU-2017:2049-1
-
SUSE-SU-2017:2060-1
-
SUSE-SU-2017:2061-1
-
SUSE-SU-2017:2062-1
-
SUSE-SU-2017:2063-1
-
SUSE-SU-2017:2064-1
-
SUSE-SU-2017:2065-1
-
SUSE-SU-2017:2066-1
-
SUSE-SU-2017:2067-1
-
SUSE-SU-2017:2068-1
-
SUSE-SU-2017:2070-1
-
SUSE-SU-2017:2072-1
-
SUSE-SU-2017:2073-1
-
SUSE-SU-2017:2088-1
-
SUSE-SU-2017:2089-1
-
SUSE-SU-2017:2090-1
-
SUSE-SU-2017:2091-1
-
SUSE-SU-2017:2092-1
-
SUSE-SU-2017:2093-1
-
SUSE-SU-2017:2094-1
-
SUSE-SU-2017:2095-1
-
SUSE-SU-2017:2096-1
-
SUSE-SU-2017:2098-1
-
SUSE-SU-2017:2099-1
-
SUSE-SU-2017:2100-1
-
SUSE-SU-2017:2102-1
-
SUSE-SU-2017:2103-1
-
SUSE-SU-2017:2131-1
-
SUSE-SU-2017:2142-1
-
SUSE-SU-2017:2150-1
-
SUSE-SU-2017:2286-1
-
SUSE-SU-2017:2342-1
-
SUSE-SU-2017:2389-1
-
SUSE-SU-2017:2423-1
-
SUSE-SU-2017:2424-1
-
SUSE-SU-2017:2436-1
-
SUSE-SU-2017:2437-1
-
SUSE-SU-2017:2438-1
-
SUSE-SU-2017:2438-2
-
SUSE-SU-2017:2439-1
-
SUSE-SU-2017:2440-1
-
SUSE-SU-2017:2441-1
-
SUSE-SU-2017:2442-1
-
SUSE-SU-2017:2443-1
-
SUSE-SU-2017:2446-1
-
SUSE-SU-2017:2448-1
-
SUSE-SU-2017:2454-1
-
SUSE-SU-2017:2455-1
-
SUSE-SU-2017:2456-1
-
SUSE-SU-2017:2457-1
-
SUSE-SU-2017:2458-1
-
SUSE-SU-2017:2464-1
-
SUSE-SU-2017:2465-1
-
SUSE-SU-2017:2467-1
-
SUSE-SU-2017:2469-1
-
SUSE-SU-2017:2471-1
-
SUSE-SU-2017:2472-1
-
SUSE-SU-2017:2473-1
-
SUSE-SU-2017:2474-1
-
SUSE-SU-2017:2475-1
-
SUSE-SU-2017:2476-1
-
SUSE-SU-2017:2497-1
-
SUSE-SU-2017:2498-1
-
SUSE-SU-2017:2499-1
-
SUSE-SU-2017:2500-1
-
SUSE-SU-2017:2506-1
-
SUSE-SU-2017:2508-1
-
SUSE-SU-2017:2509-1
-
SUSE-SU-2017:2510-1
-
SUSE-SU-2017:2511-1
-
SUSE-SU-2017:2525-1
-
SUSE-SU-2017:2694-1
-
SUSE-SU-2017:2775-1
-
SUSE-SU-2017:2791-1
-
SUSE-SU-2017:2813-1
-
SUSE-SU-2017:2908-1
-
SUSE-SU-2017:2920-1
-
SUSE-SU-2017:2956-1
-
SUSE-SU-2017:3265-1
-
USN-3342-1
-
USN-3342-2
-
USN-3343-1
-
USN-3343-2
-
USN-3344-1
-
USN-3344-2
-
USN-3345-1
-
USN-3384-1
-
USN-3384-2
-
USN-3385-1
-
USN-3385-2
-
USN-3386-1
-
USN-3386-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2017:2447-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2017:2447-1 |
|
|
| Bugzilla | SUSE Bug 1038564 |
|
|
| Bugzilla | SUSE Bug 1042892 |
|
|
| Bugzilla | SUSE Bug 1052311 |
|
|
| Bugzilla | SUSE Bug 1052368 |
|
|
| CVE | SUSE CVE CVE-2017-1000112 page |
|
|
| CVE | SUSE CVE CVE-2017-8890 page |
|
|
| CVE | SUSE CVE CVE-2017-9242 page |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/kgraft-patch-3_12_74-60_64_51-xen?arch=x86_64&distro=sles-12&sp=1 | suse |
kgraft-patch-3_12_74-60_64_51-xen
|
< 2-2.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/kgraft-patch-3_12_74-60_64_51-default?arch=x86_64&distro=sles-12&sp=1 | suse |
kgraft-patch-3_12_74-60_64_51-default
|
< 2-2.1 | sles-12 | x86_64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |