openSUSE Leap 42.1: 2017:1215-1 Important Kernel Denial Of Service Fix
opensuse
May 8, 2017
An update that solves 8 vulnerabilities and has 7 fixes is An update that solves 8 vulnerabilities and has 7 fixes is An update that solves 8 vulnerabilities and has 7 fixes is now...
Description
The openSUSE Leap 42.1 kernel was updated to receive various security and
bugfixes.
The following security bugs were fixed:
- CVE-2017-7618: crypto/ahash.c in the Linux kernel allowed attackers to
cause a denial of service (API operation calling its own callback, and
infinite recursion) by triggering EBUSY on a full queue (bnc#1033340).
- CVE-2016-10318: A missing authorization check in the
fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and
f2fs filesystem encryption support in the Linux kernel allowed a user to
assign an encryption policy to a directory owned by a different user,
potentially creating a denial of service (bnc#1032435).
- CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind
compat syscalls in mm/mempolicy.c in the Linux kernel allowed local
users to obtain sensitive information from uninitialized stack data by
triggering failure of a certain bitmap operation...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2017-562=1
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE Leap 42.1 (i686 x86_64):
kernel-debug-4.1.39-56.1
kernel-debug-base-4.1.39-56.1
kernel-debug-base-debuginfo-4.1.39-56.1
kernel-debug-debuginfo-4.1.39-56.1
kernel-debug-debugsource-4.1.39-56.1
kernel-debug-devel-4.1.39-56.1
kernel-debug-devel-debuginfo-4.1.39-56.1
kernel-ec2-4.1.39-56.1
kernel-ec2-base-4.1.39-56.1
kernel-ec2-base-debuginfo-4.1.39-56.1
kernel-ec2-debuginfo-4.1.39-56.1
kernel-ec2-debugsource-4.1.39-56.1
kernel-ec2-devel-4.1.39-56.1
kernel-pv-4.1.39-56.1
kernel-pv-base-4.1.39-56.1
kernel-pv-base-debuginfo-4.1.39-56.1
kernel-pv-debuginfo-4.1.39-56.1
kernel-pv-debugsource-4.1.39-56.1
kernel-pv-devel-4.1.39-56.1
kernel-vanilla-4.1.39-56.1
kernel-vanilla-debuginfo-4.1.39-56.1
kernel-vanilla-debugsource-4.1.39-56.1
kernel-vanilla-devel-4.1.39-56.1
kernel-xen-4.1.39-56.1
kernel-xen-base-4.1.39-56.1
kernel-xen-base-debuginfo-4.1.39-56.1
kernel-xen-debuginfo-4.1.39-56.1
kernel-xen-debugsource-4.1.39-56.1
kernel-xen-devel-4.1.39-56.1
- openSUSE Leap 42.1 (i586 x86_64):
kernel-default-4.1.39-56.1
kernel...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2016-10318.html
https://www.suse.com/security/cve/CVE-2017-2671.html
https://www.suse.com/security/cve/CVE-2017-7187.html
https://www.suse.com/security/cve/CVE-2017-7261.html
https://www.suse.com/security/cve/CVE-2017-7294.html
https://www.suse.com/security/cve/CVE-2017-7308.html
https://www.suse.com/security/cve/CVE-2017-7616.html
https://www.suse.com/security/cve/CVE-2017-7618.html
https://bugzilla.suse.com/1012829
https://bugzilla.suse.com/1012876
https://bugzilla.suse.com/1028415
https://bugzilla.suse.com/1030213
https://bugzilla.suse.com/1031003
https://bugzilla.suse.com/1031052
https://bugzilla.suse.com/1031440
https://bugzilla.suse.com/1031579
https://bugzilla.suse.com/1032435
https://bugzilla.suse.com/1033336
https://bugzilla.suse.com/1033340
https://bugzilla.suse.com/1033518
https://bugzilla.suse.com/1034670
https://bugzilla.suse.com/930399
https://bugzilla.suse.com/970083
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2017:1215-1
Rating: important
Affected Products:
openSUSE Leap 42.1
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!