
openSUSE Leap 42.2: 2017:1685-1 Important: Kernel Stack Bypass Issue

opensuse
June 26, 2017
openSUSE security update for the Linux kernel: one vulnerability fixed, alongside 27 other fixes.
An update that solves one vulnerability and has 27 fixes is ...

Description

The openSUSE Leap 42.2 kernel was updated to 4.4.73 to receive security and bug fixes.

The following security bugs were fixed:

- CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux. Specifically, a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed). This affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010) (bnc#1039348).

  The previous fix caused some Java applications to crash and has been replaced by the upstream fix.

The following non-security bugs were fixed:

- md: fix a null dereference (bsc#1040351).

- net/mlx5e: Fix timestamping capabilities reporting (bsc#966170, bsc#1015342)

- reiserfs: don't preallocate blocks for extended attributes (bsc#990682)

- ibmvnic: Fix error handling when registering long-term-mapped buffers (bsc#1045568).

- Fix kabi after adding new field to struct...


Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-734=1

To bring your system up-to-date, use "zypper patch".
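
To confirm the update took effect, the following added example (not part of the openSUSE advisory) compares version strings against the fixed 4.4.73-18.17.1 build from the package list below. It assumes `uname -r` on Leap reports the package version without the final rebuild counter and with a flavour suffix (for example 4.4.73-18.17-default); the function names are this example's own, and the comparison is a plain numeric field compare, not rpm's full algorithm.

```shell
#!/bin/sh
# Added example, not part of the advisory. Fixed build from the Package List.
FIXED_PKG="4.4.73-18.17.1"

# ver_ge A B: succeed when A >= B. Fields are split on '.' and '-' and
# compared numerically (a simplification of rpm's own comparison).
ver_ge() {
    a=$(printf '%s' "$1" | tr '.-' '  ')
    b=$(printf '%s' "$2" | tr '.-' '  ')
    set -- $a
    for fb in $b; do
        fa=${1:-0}
        [ $# -gt 0 ] && shift
        [ "$fa" -gt "$fb" ] && return 0
        [ "$fa" -lt "$fb" ] && return 1
    done
    return 0
}

# running_fixed RELEASE: check a `uname -r` string. Assumption: Leap reports
# e.g. 4.4.73-18.17-default, i.e. no rebuild counter, plus a flavour suffix.
running_fixed() {
    rel=${1%-*}
    ver_ge "$rel" "${FIXED_PKG%.*}"
}

# audit_host: report installed kernel-default builds and the booted kernel.
audit_host() {
    rpm -q kernel-default >/dev/null 2>&1 || { echo "kernel-default not installed"; return 2; }
    for v in $(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel-default); do
        if ver_ge "$v" "$FIXED_PKG"; then echo "installed $v: has fix"
        else echo "installed $v: predates fix"; fi
    done
    if running_fixed "$(uname -r)"; then
        echo "running $(uname -r): has fix"
    else
        echo "running $(uname -r): predates fix, reboot into the updated kernel"
        return 1
    fi
}

# Run the audit only when asked, e.g.: sh check-kernel.sh --audit
if [ "${1:-}" = "--audit" ]; then audit_host; fi
```

An installed package that has the fix does not protect the host until it is booted, which is why the running kernel is checked separately from the rpm database.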

Package List

- openSUSE Leap 42.2 (x86_64):

kernel-debug-4.4.73-18.17.1

kernel-debug-base-4.4.73-18.17.1

kernel-debug-base-debuginfo-4.4.73-18.17.1

kernel-debug-debuginfo-4.4.73-18.17.1

kernel-debug-debugsource-4.4.73-18.17.1

kernel-debug-devel-4.4.73-18.17.1

kernel-debug-devel-debuginfo-4.4.73-18.17.1

kernel-default-4.4.73-18.17.1

kernel-default-base-4.4.73-18.17.1

kernel-default-base-debuginfo-4.4.73-18.17.1

kernel-default-debuginfo-4.4.73-18.17.1

kernel-default-debugsource-4.4.73-18.17.1

kernel-default-devel-4.4.73-18.17.1

kernel-obs-build-4.4.73-18.17.1

kernel-obs-build-debugsource-4.4.73-18.17.1

kernel-obs-qa-4.4.73-18.17.1

kernel-syms-4.4.73-18.17.1

kernel-vanilla-4.4.73-18.17.1

kernel-vanilla-base-4.4.73-18.17.1

kernel-vanilla-base-debuginfo-4.4.73-18.17.1

kernel-vanilla-debuginfo-4.4.73-18.17.1

kernel-vanilla-debugsource-4.4.73-18.17.1

kernel-vanilla-devel-4.4.73-18.17.1

- openSUSE Leap 42.2 (noarch):

kernel-devel-4.4.73-18.17.1

kernel-docs-4.4.73-18.17.2

kernel-docs-html-4.4.73-18.17.2

kernel-docs-pdf-4.4.73-18.17.2

k...


References

https://www.suse.com/security/cve/CVE-2017-1000364.html

https://bugzilla.suse.com/1015342

https://bugzilla.suse.com/1022595

https://bugzilla.suse.com/1027101

https://bugzilla.suse.com/1037669

https://bugzilla.suse.com/1039214

https://bugzilla.suse.com/1039348

https://bugzilla.suse.com/1040351

https://bugzilla.suse.com/1040364

https://bugzilla.suse.com/1040567

https://bugzilla.suse.com/1040609

https://bugzilla.suse.com/1042286

https://bugzilla.suse.com/1042863

https://bugzilla.suse.com/1043990

https://bugzilla.suse.com/1044082

https://bugzilla.suse.com/1044120

https://bugzilla.suse.com/1044767

https://bugzilla.suse.com/1044772

https://bugzilla.suse.com/1044880

https://bugzilla.suse.com/1045154

https://bugzilla.suse.com/1045235

https://bugzilla.suse.com/1045286

https://bugzilla.suse.com/1045307

https://bugzilla.suse.com/1045467

https://bugzilla.suse.com/1045568

https://bugzilla.suse.com/966170

https://bugzilla.suse.com/966172

https://bugzilla.suse.com/966191

https://bugzilla.suse.com/990682

Severity
important

Announcement ID: openSUSE-SU-2017:1685-1
Rating: important
Affected Products: openSUSE Leap 42.2
