openSUSE 42.3: 2017:2171-1 Important: Kernel Critical Security Fixes
opensuse
August 15, 2017
An update that solves three vulnerabilities and has 29 fixes is now available.
Description
The openSUSE Leap 42.3 kernel was updated to receive various security and
bugfixes.
The following security bugs were fixed:
- CVE-2017-1000111: Fixed a race condition in net-packet code that could
be exploited to cause out-of-bounds memory access (bsc#1052365).
- CVE-2017-1000112: Fixed a race condition in net-packet code that could
have been exploited by unprivileged users to gain root access.
(bsc#1052311).
- CVE-2017-8831: The saa7164_bus_get function in
drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed
local users to cause a denial of service (out-of-bounds array access) or
possibly have unspecified other impact by changing a certain
sequence-number value, aka a "double fetch" vulnerability (bnc#1037994).
The following non-security bugs were fixed:
- acpi/nfit: Add support of NVDIMM memory error notification in ACPI 6.2
(bsc#1052325).
- acpi/nfit: Issue Start ARS to retrieve existing records...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2017-930=1
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE Leap 42.3 (x86_64):
kernel-debug-4.4.79-19.1
kernel-debug-base-4.4.79-19.1
kernel-debug-base-debuginfo-4.4.79-19.1
kernel-debug-debuginfo-4.4.79-19.1
kernel-debug-debugsource-4.4.79-19.1
kernel-debug-devel-4.4.79-19.1
kernel-debug-devel-debuginfo-4.4.79-19.1
kernel-default-4.4.79-19.1
kernel-default-base-4.4.79-19.1
kernel-default-base-debuginfo-4.4.79-19.1
kernel-default-debuginfo-4.4.79-19.1
kernel-default-debugsource-4.4.79-19.1
kernel-default-devel-4.4.79-19.1
kernel-obs-build-4.4.79-19.1
kernel-obs-build-debugsource-4.4.79-19.1
kernel-obs-qa-4.4.79-19.1
kernel-syms-4.4.79-19.1
kernel-vanilla-4.4.79-19.1
kernel-vanilla-base-4.4.79-19.1
kernel-vanilla-base-debuginfo-4.4.79-19.1
kernel-vanilla-debuginfo-4.4.79-19.1
kernel-vanilla-debugsource-4.4.79-19.1
kernel-vanilla-devel-4.4.79-19.1
- openSUSE Leap 42.3 (noarch):
kernel-devel-4.4.79-19.1
kernel-docs-4.4.79-19.2
kernel-docs-html-4.4.79-19.2
kernel-docs-pdf-4.4.79-19.2
kernel-macros-4.4.79-19.1
kernel-source-4.4.79-19.1
kernel-source-vanilla-4.4.79-19....
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2017-1000111.html
https://www.suse.com/security/cve/CVE-2017-1000112.html
https://www.suse.com/security/cve/CVE-2017-8831.html
https://bugzilla.suse.com/1015337
https://bugzilla.suse.com/1019151
https://bugzilla.suse.com/1023175
https://bugzilla.suse.com/1037404
https://bugzilla.suse.com/1037994
https://bugzilla.suse.com/1038078
https://bugzilla.suse.com/1038792
https://bugzilla.suse.com/1039153
https://bugzilla.suse.com/1043652
https://bugzilla.suse.com/1043805
https://bugzilla.suse.com/1047027
https://bugzilla.suse.com/1048912
https://bugzilla.suse.com/1049298
https://bugzilla.suse.com/1051399
https://bugzilla.suse.com/1051556
https://bugzilla.suse.com/1051689
https://bugzilla.suse.com/1051979
https://bugzilla.suse.com/1052049
https://bugzilla.suse.com/1052204
https://bugzilla.suse.com/1052223
https://bugzilla.suse.com/1052311
https://bugzilla.suse.com/1052325
https://bugzilla.suse.com/1052365
https://bugzilla.suse.com/1052442
https://bugzilla.suse.com/1052533
https://bugzi...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2017:2171-1
Rating: important
Affected Products:
openSUSE Leap 42.3
le.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!