Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

openSUSE Leap 42.2 Advisory 2017:1825-1, Important: Kernel Security Fixes

opensuse
Calendar Grey July 8, 2017
Dist Opensuse Esm H88
This patch resolves several vulnerabilities in the Linux Kernel for openSUSE, improving overall system integrity by rectifying significant flaws.
An update that solves two vulnerabilities and has 14 fixes An update that solves two vulnerabilities and has 14 fixes An update that solves two vulnerabilities and has 14 fixes is ...

Description

The openSUSE Leap 42.2 kernel was updated to 4.4.74 to receive various

security and bugfixes.

This update fixes some long standing btrfs issues.

The following security bugs were fixed:

- CVE-2017-7518: A KVM debug exception in the syscall handling was fixed

which might have been used for local privilege escalation. (bnc#1045922).

- CVE-2017-1000365: The Linux Kernel imposes a size restriction on the

arguments and environmental strings passed through

RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the

argument and environment pointers into account, which allowed attackers to bypass this limitation. (bnc#1039354).

The following non-security bugs were fixed:

- bluetooth: hidp: fix possible might sleep error in hidp_session_thread

(bsc#1031784).

- btrfs: disable possible cause of premature ENOSPC (bsc#1040182)

- btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).

- btrfs: Round down...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory privilege escalation local denial of service openSUSE core kernel

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-798=1

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE Leap 42.2 (noarch):

kernel-devel-4.4.74-18.20.1

kernel-docs-4.4.74-18.20.3

kernel-docs-html-4.4.74-18.20.3

kernel-docs-pdf-4.4.74-18.20.3

kernel-macros-4.4.74-18.20.1

kernel-source-4.4.74-18.20.1

kernel-source-vanilla-4.4.74-18.20.1

- openSUSE Leap 42.2 (x86_64):

kernel-debug-4.4.74-18.20.1

kernel-debug-base-4.4.74-18.20.1

kernel-debug-base-debuginfo-4.4.74-18.20.1

kernel-debug-debuginfo-4.4.74-18.20.1

kernel-debug-debugsource-4.4.74-18.20.1

kernel-debug-devel-4.4.74-18.20.1

kernel-debug-devel-debuginfo-4.4.74-18.20.1

kernel-default-4.4.74-18.20.1

kernel-default-base-4.4.74-18.20.1

kernel-default-base-debuginfo-4.4.74-18.20.1

kernel-default-debuginfo-4.4.74-18.20.1

kernel-default-debugsource-4.4.74-18.20.1

kernel-default-devel-4.4.74-18.20.1

kernel-obs-build-4.4.74-18.20.1

kernel-obs-build-debugsource-4.4.74-18.20.1

kernel-obs-qa-4.4.74-18.20.1

kernel-syms-4.4.74-18.20.1

kernel-vanilla-4.4.74-18.20.1

kernel-vanilla-base-4.4.74-18.20.1

kernel-vanilla-base-debuginfo-4.4.74-18.20.1

kernel-vanilla-debuginfo...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2017-1000365.html

https://www.suse.com/security/cve/CVE-2017-7518.html

https://bugzilla.suse.com/1025461

https://bugzilla.suse.com/1026570

https://bugzilla.suse.com/1031784

https://bugzilla.suse.com/1039354

https://bugzilla.suse.com/1040182

https://bugzilla.suse.com/1040941

https://bugzilla.suse.com/1043347

https://bugzilla.suse.com/1043488

https://bugzilla.suse.com/1043912

https://bugzilla.suse.com/1044854

https://bugzilla.suse.com/1044912

https://bugzilla.suse.com/1045922

https://bugzilla.suse.com/1046105

https://bugzilla.suse.com/1046434

https://bugzilla.suse.com/1046589

https://bugzilla.suse.com/1046821

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2017:1825-1
Rating: important
Affected Products: openSUSE Leap 42.2

Topics%20covered

Topics Covered

security advisory privilege escalation local denial of service openSUSE core kernel

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here