[SUSE-SU-2017:2779-1] Security update for Linux Kernel Live Patch 10 for SLE 12 SP1
Severity
Important
Affected Packages
2
CVEs
2
Security update for Linux Kernel Live Patch 10 for SLE 12 SP1
This update for the Linux Kernel 3.12.67-60_64_21 fixes one issue.
The following security bugs were fixed:
- CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call (bsc#1045327).
- CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel (BlueZ) was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space (bsc#1057950).
| Package | Affected Version |
|---|---|
 pkg:rpm/suse/kgraft-patch-3_12_67-60_64_21-xen?arch=x86_64&distro=sles-12&sp=1
|
< 10-4.1 |
|
pkg:rpm/suse/kgraft-patch-3_12_67-60_64_21-default?arch=x86_64&distro=sles-12&sp=1
|
< 10-4.1 |
- ID
- SUSE-SU-2017:2779-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2017/suse-su-20172779-1/
- Published
-
2017-10-19T11:48:32
(7 years ago) - Modified
-
2017-10-19T11:48:32
(7 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2017-914
-
ASA-201709-12
-
ASA-201709-4
-
ASA-201709-8
-
ASA-201709-9
-
DSA-3981-1
-
ELSA-2017-2679
-
ELSA-2017-2681
-
ELSA-2017-3620
-
ELSA-2017-3621
-
ELSA-2017-3622
-
FEDORA-2017-7369ea045c
-
FEDORA-2017-e07d7fb18e
-
FEDORA-2018-4ca01704a2
-
FEDORA-2018-6367a17aa3
-
FEDORA-2018-884a105c04
-
RHSA-2017:2679
-
RHSA-2017:2681
-
RHSA-2017:2704
-
RHSA-2018:0676
-
RHSA-2018:1062
-
SSA:2017-258-02
-
SUSE-SU-2017:2459-1
-
SUSE-SU-2017:2521-1
-
SUSE-SU-2017:2523-1
-
SUSE-SU-2017:2534-1
-
SUSE-SU-2017:2548-1
-
SUSE-SU-2017:2694-1
-
SUSE-SU-2017:2769-1
-
SUSE-SU-2017:2770-1
-
SUSE-SU-2017:2771-1
-
SUSE-SU-2017:2772-1
-
SUSE-SU-2017:2773-1
-
SUSE-SU-2017:2774-1
-
SUSE-SU-2017:2775-1
-
SUSE-SU-2017:2776-1
-
SUSE-SU-2017:2777-1
-
SUSE-SU-2017:2778-1
-
SUSE-SU-2017:2780-1
-
SUSE-SU-2017:2781-1
-
SUSE-SU-2017:2782-1
-
SUSE-SU-2017:2783-1
-
SUSE-SU-2017:2784-1
-
SUSE-SU-2017:2785-1
-
SUSE-SU-2017:2786-1
-
SUSE-SU-2017:2787-1
-
SUSE-SU-2017:2788-1
-
SUSE-SU-2017:2790-1
-
SUSE-SU-2017:2791-1
-
SUSE-SU-2017:2792-1
-
SUSE-SU-2017:2793-1
-
SUSE-SU-2017:2794-1
-
SUSE-SU-2017:2796-1
-
SUSE-SU-2017:2797-1
-
SUSE-SU-2017:2798-1
-
SUSE-SU-2017:2799-1
-
SUSE-SU-2017:2800-1
-
SUSE-SU-2017:2801-1
-
SUSE-SU-2017:2802-1
-
SUSE-SU-2017:2803-1
-
SUSE-SU-2017:2804-1
-
SUSE-SU-2017:2805-1
-
SUSE-SU-2017:2806-1
-
SUSE-SU-2017:2807-1
-
SUSE-SU-2017:2809-1
-
SUSE-SU-2017:2811-1
-
SUSE-SU-2017:2816-1
-
SUSE-SU-2017:2908-1
-
SUSE-SU-2017:2920-1
-
SUSE-SU-2017:2956-1
-
SUSE-SU-2017:3165-1
-
SUSE-SU-2017:3265-1
-
SUSE-SU-2018:0040-1
-
USN-3419-1
-
USN-3419-2
-
USN-3420-1
-
USN-3420-2
-
USN-3422-1
-
USN-3422-2
-
USN-3423-1
-
USN-3583-1
-
USN-3583-2
-
VU:240311
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2017:2779-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2017:2779-1 |
|
|
| Bugzilla | SUSE Bug 1045327 |
|
|
| Bugzilla | SUSE Bug 1057950 |
|
|
| CVE | SUSE CVE CVE-2017-1000251 page |
|
|
| CVE | SUSE CVE CVE-2017-15274 page |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/kgraft-patch-3_12_67-60_64_21-xen?arch=x86_64&distro=sles-12&sp=1 | suse |
kgraft-patch-3_12_67-60_64_21-xen
|
< 10-4.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/kgraft-patch-3_12_67-60_64_21-default?arch=x86_64&distro=sles-12&sp=1 | suse |
kgraft-patch-3_12_67-60_64_21-default
|
< 10-4.1 | sles-12 | x86_64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |