Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 455
Alerts This Week
Warning Icon 1 455

openSUSE: 2021:0555-1 Critical: Kernel Security Updates for Stability

opensuse
Calendar Grey February 22, 2017
Dist Opensuse Esm H88
Significant openSUSE released a new kernel version to rectify various problems, incorporating resolutions for denial of service flaws and urgent patches.
An update that solves four vulnerabilities and has 86 fixes is now available.

Description

The openSUSE Leap 42.1 kernel was updated to receive various security and

bugfixes.

The following security bugs were fixed:

- CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c

in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures

in the LISTEN state, which allowed local users to cause a denial of

service (invalid free) or possibly have unspecified other impact via an

application that made an IPV6_RECVPKTINFO setsockopt system call

(bnc#1026024).

- CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in

net/sctp/socket.c in the Linux kernel allowed local users to cause a

denial of service (assertion failure and panic) via a multithreaded

application that peels off an association in a certain buffer-full state

(bnc#1025235).

- CVE-2017-5970: The ipv4_pktinfo_prepare function in

net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a

denial of...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.1:

zypper in -t patch openSUSE-2017-287=1

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE Leap 42.1 (i586 x86_64):

kernel-default-4.1.38-50.1

kernel-default-base-4.1.38-50.1

kernel-default-base-debuginfo-4.1.38-50.1

kernel-default-debuginfo-4.1.38-50.1

kernel-default-debugsource-4.1.38-50.1

kernel-default-devel-4.1.38-50.1

kernel-obs-build-4.1.38-50.2

kernel-obs-build-debugsource-4.1.38-50.2

kernel-obs-qa-4.1.38-50.1

kernel-syms-4.1.38-50.1

- openSUSE Leap 42.1 (i686 x86_64):

kernel-debug-4.1.38-50.1

kernel-debug-base-4.1.38-50.1

kernel-debug-base-debuginfo-4.1.38-50.1

kernel-debug-debuginfo-4.1.38-50.1

kernel-debug-debugsource-4.1.38-50.1

kernel-debug-devel-4.1.38-50.1

kernel-debug-devel-debuginfo-4.1.38-50.1

kernel-ec2-4.1.38-50.1

kernel-ec2-base-4.1.38-50.1

kernel-ec2-base-debuginfo-4.1.38-50.1

kernel-ec2-debuginfo-4.1.38-50.1

kernel-ec2-debugsource-4.1.38-50.1

kernel-ec2-devel-4.1.38-50.1

kernel-pv-4.1.38-50.1

kernel-pv-base-4.1.38-50.1

kernel-pv-base-debuginfo-4.1.38-50.1

kernel-pv-debuginfo-4.1.38-50.1

kernel-pv-debugsource-4.1.38-50.1

kernel-pv-devel-4.1.38-50.1

kernel-vanilla-4.1.38-50...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2017-5897.html

https://www.suse.com/security/cve/CVE-2017-5970.html

https://www.suse.com/security/cve/CVE-2017-5986.html

https://www.suse.com/security/cve/CVE-2017-6074.html

https://bugzilla.suse.com/1005666

https://bugzilla.suse.com/1015787

https://bugzilla.suse.com/1018100

https://bugzilla.suse.com/1023762

https://bugzilla.suse.com/1023888

https://bugzilla.suse.com/1024081

https://bugzilla.suse.com/1024234

https://bugzilla.suse.com/1024508

https://bugzilla.suse.com/1024938

https://bugzilla.suse.com/1025047

https://bugzilla.suse.com/1025048

https://bugzilla.suse.com/1025049

https://bugzilla.suse.com/1025050

https://bugzilla.suse.com/1025051

https://bugzilla.suse.com/1025053

https://bugzilla.suse.com/1025055

https://bugzilla.suse.com/1025057

https://bugzilla.suse.com/1025058

https://bugzilla.suse.com/1025059

https://bugzilla.suse.com/1025060

https://bugzilla.suse.com/1025061

https://bugzilla.suse.com/1025062

https://bugzilla.suse.com/1025063

https://bugzilla.suse.com/1025064...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2017:0547-1
Rating: important
Affected Products: openSUSE Leap 42.1 le.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.