openSUSE Leap 42.2: 2017:0541-1 Important: Kernel Security Update
opensuse
February 22, 2017
An update that solves four vulnerabilities and has 16 fixes An update that solves four vulnerabilities and has 16 fixes An update that solves four vulnerabilities and has 16 fixes ...
Description
The openSUSE Leap 42.2 kernel was updated to 4.4.49 to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5986: A userlevel triggerable BUG_ON on sctp_wait_for_sndbuf
was fixed. (bsc#1025235)
- CVE-2017-5970: The ipv4_pktinfo_prepare function in
net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a
denial of service (system crash) via (1) an application that made
crafted system calls or possibly (2) IPv4 traffic with invalid IP
options (bnc#1024938).
- CVE-2017-5897: A potential remote denial of service within the IPv6 GRE
protocol was fixed. (bsc#1023762)
- CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c
in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures
in the LISTEN state, which allowed local users to cause a denial of
service (invalid free) or possibly have unspecified other impact via an
application that...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-286=1
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE Leap 42.2 (noarch):
kernel-devel-4.4.49-16.1
kernel-docs-4.4.49-16.2
kernel-docs-html-4.4.49-16.2
kernel-docs-pdf-4.4.49-16.2
kernel-macros-4.4.49-16.1
kernel-source-4.4.49-16.1
kernel-source-vanilla-4.4.49-16.1
- openSUSE Leap 42.2 (x86_64):
kernel-debug-4.4.49-16.1
kernel-debug-base-4.4.49-16.1
kernel-debug-base-debuginfo-4.4.49-16.1
kernel-debug-debuginfo-4.4.49-16.1
kernel-debug-debugsource-4.4.49-16.1
kernel-debug-devel-4.4.49-16.1
kernel-debug-devel-debuginfo-4.4.49-16.1
kernel-default-4.4.49-16.1
kernel-default-base-4.4.49-16.1
kernel-default-base-debuginfo-4.4.49-16.1
kernel-default-debuginfo-4.4.49-16.1
kernel-default-debugsource-4.4.49-16.1
kernel-default-devel-4.4.49-16.1
kernel-obs-build-4.4.49-16.1
kernel-obs-build-debugsource-4.4.49-16.1
kernel-obs-qa-4.4.49-16.1
kernel-syms-4.4.49-16.1
kernel-vanilla-4.4.49-16.1
kernel-vanilla-base-4.4.49-16.1
kernel-vanilla-base-debuginfo-4.4.49-16.1
kernel-vanilla-debuginfo-4.4.49-16.1
kernel-vanilla-debugsource-4.4.49-16.1
kernel-vanilla-devel-4.4.49-16....
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2017-5897.html
https://www.suse.com/security/cve/CVE-2017-5970.html
https://www.suse.com/security/cve/CVE-2017-5986.html
https://www.suse.com/security/cve/CVE-2017-6074.html
https://bugzilla.suse.com/1012382
https://bugzilla.suse.com/1018100
https://bugzilla.suse.com/1019168
https://bugzilla.suse.com/1020048
https://bugzilla.suse.com/1021082
https://bugzilla.suse.com/1022181
https://bugzilla.suse.com/1022304
https://bugzilla.suse.com/1023762
https://bugzilla.suse.com/1023884
https://bugzilla.suse.com/1023888
https://bugzilla.suse.com/1024081
https://bugzilla.suse.com/1024234
https://bugzilla.suse.com/1024508
https://bugzilla.suse.com/1024938
https://bugzilla.suse.com/1025235
https://bugzilla.suse.com/1026024
https://bugzilla.suse.com/969479
https://bugzilla.suse.com/982783
https://bugzilla.suse.com/989056
https://bugzilla.suse.com/998106
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2017:0541-1
Rating: important
Affected Products:
openSUSE Leap 42.2
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!