[SUSE-SU-2017:3307-1] Security update for the Linux Kernel (Live Patch 28 for SLE 12)
Severity
Important
Affected Packages
2
CVEs
2
Security update for the Linux Kernel (Live Patch 28 for SLE 12)
This update for the Linux Kernel 3.12.61-52_101 fixes several issues.
The following security issues were fixed:
- CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrm_user.c allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages (bsc#1069708).
- CVE-2017-15649: net/packet/af_packet.c allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free (bsc#1064392).
| Package | Affected Version |
|---|---|
 pkg:rpm/suse/kgraft-patch-3_12_61-52_101-xen?arch=x86_64&distro=sles-12
|
< 2-2.1 |
|
pkg:rpm/suse/kgraft-patch-3_12_61-52_101-default?arch=x86_64&distro=sles-12
|
< 2-2.1 |
- ID
- SUSE-SU-2017:3307-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2017/suse-su-20173307-1/
- Published
-
2017-12-14T10:50:07
(6 years ago) - Modified
-
2017-12-14T10:50:07
(6 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2018-1023
-
ALAS2-2018-1023
-
DSA-4082-1
-
ELSA-2017-3651
-
ELSA-2018-0151
-
ELSA-2018-1318
-
ELSA-2018-4131
-
RHSA-2018:0151
-
RHSA-2018:0152
-
RHSA-2018:1318
-
RHSA-2018:1355
-
SUSE-SU-2017:2847-1
-
SUSE-SU-2017:2869-1
-
SUSE-SU-2017:2908-1
-
SUSE-SU-2017:2920-1
-
SUSE-SU-2017:3072-1
-
SUSE-SU-2017:3074-1
-
SUSE-SU-2017:3076-1
-
SUSE-SU-2017:3103-1
-
SUSE-SU-2017:3116-1
-
SUSE-SU-2017:3117-1
-
SUSE-SU-2017:3118-1
-
SUSE-SU-2017:3119-1
-
SUSE-SU-2017:3120-1
-
SUSE-SU-2017:3121-1
-
SUSE-SU-2017:3122-1
-
SUSE-SU-2017:3123-1
-
SUSE-SU-2017:3124-1
-
SUSE-SU-2017:3125-1
-
SUSE-SU-2017:3126-1
-
SUSE-SU-2017:3127-1
-
SUSE-SU-2017:3128-1
-
SUSE-SU-2017:3129-1
-
SUSE-SU-2017:3130-1
-
SUSE-SU-2017:3131-1
-
SUSE-SU-2017:3132-1
-
SUSE-SU-2017:3134-1
-
SUSE-SU-2017:3136-1
-
SUSE-SU-2017:3139-1
-
SUSE-SU-2017:3145-1
-
SUSE-SU-2017:3146-1
-
SUSE-SU-2017:3147-1
-
SUSE-SU-2017:3148-1
-
SUSE-SU-2017:3149-1
-
SUSE-SU-2017:3150-1
-
SUSE-SU-2017:3151-1
-
SUSE-SU-2017:3152-1
-
SUSE-SU-2017:3153-1
-
SUSE-SU-2017:3154-1
-
SUSE-SU-2017:3156-1
-
SUSE-SU-2017:3157-1
-
SUSE-SU-2017:3158-1
-
SUSE-SU-2017:3159-1
-
SUSE-SU-2017:3160-1
-
SUSE-SU-2017:3210-1
-
SUSE-SU-2017:3225-1
-
SUSE-SU-2017:3226-1
-
SUSE-SU-2017:3249-1
-
SUSE-SU-2017:3267-1
-
SUSE-SU-2017:3284-1
-
SUSE-SU-2017:3285-1
-
SUSE-SU-2017:3286-1
-
SUSE-SU-2017:3287-1
-
SUSE-SU-2017:3288-1
-
SUSE-SU-2017:3289-1
-
SUSE-SU-2017:3290-1
-
SUSE-SU-2017:3291-1
-
SUSE-SU-2017:3292-1
-
SUSE-SU-2017:3293-1
-
SUSE-SU-2017:3295-1
-
SUSE-SU-2017:3296-1
-
SUSE-SU-2017:3297-1
-
SUSE-SU-2017:3299-1
-
SUSE-SU-2017:3300-1
-
SUSE-SU-2017:3301-1
-
SUSE-SU-2017:3302-1
-
SUSE-SU-2017:3303-1
-
SUSE-SU-2017:3304-1
-
SUSE-SU-2017:3305-1
-
SUSE-SU-2017:3306-1
-
SUSE-SU-2017:3308-1
-
SUSE-SU-2017:3309-1
-
SUSE-SU-2017:3310-1
-
SUSE-SU-2017:3312-1
-
SUSE-SU-2017:3313-1
-
SUSE-SU-2017:3314-1
-
SUSE-SU-2017:3315-1
-
SUSE-SU-2017:3316-1
-
SUSE-SU-2017:3317-1
-
SUSE-SU-2017:3318-1
-
SUSE-SU-2017:3319-1
-
SUSE-SU-2017:3320-1
-
SUSE-SU-2017:3321-1
-
SUSE-SU-2017:3322-1
-
SUSE-SU-2017:3323-1
-
SUSE-SU-2017:3324-1
-
SUSE-SU-2017:3332-1
-
SUSE-SU-2017:3336-1
-
SUSE-SU-2017:3337-1
-
SUSE-SU-2017:3338-1
-
SUSE-SU-2017:3340-1
-
SUSE-SU-2018:0011-1
-
SUSE-SU-2018:0040-1
-
SUSE-SU-2018:0180-1
-
SUSE-SU-2018:0213-1
-
SUSE-SU-2018:0233-1
-
SUSE-SU-2018:0237-1
-
SUSE-SU-2018:0238-1
-
SUSE-SU-2018:0239-1
-
SUSE-SU-2018:0240-1
-
SUSE-SU-2018:0241-1
-
SUSE-SU-2018:0242-1
-
SUSE-SU-2018:0244-1
-
SUSE-SU-2018:0245-1
-
SUSE-SU-2018:0249-1
-
SUSE-SU-2018:0250-1
-
SUSE-SU-2018:0251-1
-
SUSE-SU-2018:0252-1
-
SUSE-SU-2018:0253-1
-
SUSE-SU-2018:0265-1
-
SUSE-SU-2018:0266-1
-
SUSE-SU-2018:0268-1
-
SUSE-SU-2018:0269-1
-
SUSE-SU-2018:0270-1
-
SUSE-SU-2018:0271-1
-
SUSE-SU-2018:0272-1
-
SUSE-SU-2018:0273-1
-
SUSE-SU-2018:0274-1
-
SUSE-SU-2018:0275-1
-
SUSE-SU-2018:0276-1
-
SUSE-SU-2018:0277-1
-
SUSE-SU-2018:0278-1
-
SUSE-SU-2018:0280-1
-
SUSE-SU-2018:0281-1
-
SUSE-SU-2018:0282-1
-
SUSE-SU-2018:0296-1
-
SUSE-SU-2018:0297-1
-
SUSE-SU-2018:0340-1
-
SUSE-SU-2018:0345-1
-
SUSE-SU-2018:0346-1
-
SUSE-SU-2018:0347-1
-
SUSE-SU-2018:0562-1
-
SUSE-SU-2018:0664-1
-
SUSE-SU-2019:0148-1
-
SUSE-SU-2019:0320-1
-
USN-3485-1
-
USN-3485-2
-
USN-3485-3
-
USN-3487-1
-
USN-3507-1
-
USN-3507-2
-
USN-3508-1
-
USN-3508-2
-
USN-3509-1
-
USN-3509-2
-
USN-3510-1
-
USN-3510-2
-
USN-3511-1
-
USN-3754-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2017:3307-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2017:3307-1 |
|
|
| Bugzilla | SUSE Bug 1064388 |
|
|
| Bugzilla | SUSE Bug 1064392 |
|
|
| Bugzilla | SUSE Bug 1069708 |
|
|
| CVE | SUSE CVE CVE-2017-15649 page |
|
|
| CVE | SUSE CVE CVE-2017-16939 page |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/kgraft-patch-3_12_61-52_101-xen?arch=x86_64&distro=sles-12 | suse |
kgraft-patch-3_12_61-52_101-xen
|
< 2-2.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/kgraft-patch-3_12_61-52_101-default?arch=x86_64&distro=sles-12 | suse |
kgraft-patch-3_12_61-52_101-default
|
< 2-2.1 | sles-12 | x86_64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |