[SUSE-SU-2017:2447-1] Security update for Linux Kernel Live Patch 18 for SLE 12 SP1
Severity
Important
Affected Packages
2
CVEs
3
Security update for Linux Kernel Live Patch 18 for SLE 12 SP1
This update for the Linux Kernel 3.12.74-60_64_51 fixes several issues.
The following security bugs were fixed:
- CVE-2017-1000112: Prevent a race condition in net-packet code that could have been exploited by unprivileged users to gain root access (bsc#1052368).
- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel was too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1038564, bsc#1042892).
- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bsc#1038564).
Package | Affected Version |
---|---|
pkg:rpm/suse/kgraft-patch-3_12_74-60_64_51-xen?arch=x86_64&distro=sles-12&sp=1 | < 2-2.1 |
pkg:rpm/suse/kgraft-patch-3_12_74-60_64_51-default?arch=x86_64&distro=sles-12&sp=1 | < 2-2.1 |
- ID
- SUSE-SU-2017:2447-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2017/suse-su-20172447-1/
- Published
-
2017-09-13T10:33:49
(7 years ago) - Modified
-
2017-09-13T10:33:49
(7 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2017-846
- ALAS-2017-868
- DSA-3886-1
- DSA-3981-1
- ELSA-2017-1842
- ELSA-2017-2930
- ELSA-2017-3200
- ELSA-2017-3574
- ELSA-2017-3575
- ELSA-2017-3576
- ELSA-2017-3605
- ELSA-2017-3606
- ELSA-2017-3607
- ELSA-2017-3631
- ELSA-2018-1854
- FEDORA-2017-273b67d5ee
- FEDORA-2017-4336d64e21
- FEDORA-2017-6554692044
- FEDORA-2017-6f06be3fe9
- FEDORA-2017-73f71456d7
- FEDORA-2017-85744f8aa9
- FEDORA-2018-4ca01704a2
- FEDORA-2018-6367a17aa3
- FEDORA-2018-884a105c04
- RHSA-2017:1842
- RHSA-2017:2077
- RHSA-2017:2930
- RHSA-2017:2931
- RHSA-2017:3200
- RHSA-2018:1854
- SUSE-SU-2017:1853-1
- SUSE-SU-2017:1990-1
- SUSE-SU-2017:2043-1
- SUSE-SU-2017:2046-1
- SUSE-SU-2017:2049-1
- SUSE-SU-2017:2060-1
- SUSE-SU-2017:2061-1
- SUSE-SU-2017:2062-1
- SUSE-SU-2017:2063-1
- SUSE-SU-2017:2064-1
- SUSE-SU-2017:2065-1
- SUSE-SU-2017:2066-1
- SUSE-SU-2017:2067-1
- SUSE-SU-2017:2068-1
- SUSE-SU-2017:2070-1
- SUSE-SU-2017:2072-1
- SUSE-SU-2017:2073-1
- SUSE-SU-2017:2088-1
- SUSE-SU-2017:2089-1
- SUSE-SU-2017:2090-1
- SUSE-SU-2017:2091-1
- SUSE-SU-2017:2092-1
- SUSE-SU-2017:2093-1
- SUSE-SU-2017:2094-1
- SUSE-SU-2017:2095-1
- SUSE-SU-2017:2096-1
- SUSE-SU-2017:2098-1
- SUSE-SU-2017:2099-1
- SUSE-SU-2017:2100-1
- SUSE-SU-2017:2102-1
- SUSE-SU-2017:2103-1
- SUSE-SU-2017:2131-1
- SUSE-SU-2017:2142-1
- SUSE-SU-2017:2150-1
- SUSE-SU-2017:2286-1
- SUSE-SU-2017:2342-1
- SUSE-SU-2017:2389-1
- SUSE-SU-2017:2423-1
- SUSE-SU-2017:2424-1
- SUSE-SU-2017:2436-1
- SUSE-SU-2017:2437-1
- SUSE-SU-2017:2438-1
- SUSE-SU-2017:2438-2
- SUSE-SU-2017:2439-1
- SUSE-SU-2017:2440-1
- SUSE-SU-2017:2441-1
- SUSE-SU-2017:2442-1
- SUSE-SU-2017:2443-1
- SUSE-SU-2017:2446-1
- SUSE-SU-2017:2448-1
- SUSE-SU-2017:2454-1
- SUSE-SU-2017:2455-1
- SUSE-SU-2017:2456-1
- SUSE-SU-2017:2457-1
- SUSE-SU-2017:2458-1
- SUSE-SU-2017:2464-1
- SUSE-SU-2017:2465-1
- SUSE-SU-2017:2467-1
- SUSE-SU-2017:2469-1
- SUSE-SU-2017:2471-1
- SUSE-SU-2017:2472-1
- SUSE-SU-2017:2473-1
- SUSE-SU-2017:2474-1
- SUSE-SU-2017:2475-1
- SUSE-SU-2017:2476-1
- SUSE-SU-2017:2497-1
- SUSE-SU-2017:2498-1
- SUSE-SU-2017:2499-1
- SUSE-SU-2017:2500-1
- SUSE-SU-2017:2506-1
- SUSE-SU-2017:2508-1
- SUSE-SU-2017:2509-1
- SUSE-SU-2017:2510-1
- SUSE-SU-2017:2511-1
- SUSE-SU-2017:2525-1
- SUSE-SU-2017:2694-1
- SUSE-SU-2017:2775-1
- SUSE-SU-2017:2791-1
- SUSE-SU-2017:2813-1
- SUSE-SU-2017:2908-1
- SUSE-SU-2017:2920-1
- SUSE-SU-2017:2956-1
- SUSE-SU-2017:3265-1
- USN-3342-1
- USN-3342-2
- USN-3343-1
- USN-3343-2
- USN-3344-1
- USN-3344-2
- USN-3345-1
- USN-3384-1
- USN-3384-2
- USN-3385-1
- USN-3385-2
- USN-3386-1
- USN-3386-2
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2447-1.json | |
Suse | URL for SUSE-SU-2017:2447-1 | https://www.suse.com/support/update/announcement/2017/suse-su-20172447-1/ | |
Suse | E-Mail link for SUSE-SU-2017:2447-1 | https://lists.suse.com/pipermail/sle-security-updates/2017-September/003210.html | |
Bugzilla | SUSE Bug 1038564 | https://bugzilla.suse.com/1038564 | |
Bugzilla | SUSE Bug 1042892 | https://bugzilla.suse.com/1042892 | |
Bugzilla | SUSE Bug 1052311 | https://bugzilla.suse.com/1052311 | |
Bugzilla | SUSE Bug 1052368 | https://bugzilla.suse.com/1052368 | |
CVE | SUSE CVE CVE-2017-1000112 page | https://www.suse.com/security/cve/CVE-2017-1000112/ | |
CVE | SUSE CVE CVE-2017-8890 page | https://www.suse.com/security/cve/CVE-2017-8890/ | |
CVE | SUSE CVE CVE-2017-9242 page | https://www.suse.com/security/cve/CVE-2017-9242/ |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/kgraft-patch-3_12_74-60_64_51-xen?arch=x86_64&distro=sles-12&sp=1 | suse | kgraft-patch-3_12_74-60_64_51-xen | < 2-2.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kgraft-patch-3_12_74-60_64_51-default?arch=x86_64&distro=sles-12&sp=1 | suse | kgraft-patch-3_12_74-60_64_51-default | < 2-2.1 | sles-12 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |