openSUSE Leap 42.3: 2017:2384-1 Important: Kernel Denial of Service
opensuse
September 7, 2017
An update that solves two vulnerabilities and has 58 fixes An update that solves two vulnerabilities and has 58 fixes An update that solves two vulnerabilities and has 58 fixes is ...
Description
The openSUSE Leap 42.3 kernel was updated to 4.4.85 to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2017-14051: An integer overflow in the
qla2x00_sysfs_write_optrom_ctl function in
drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash) by
leveraging root access (bnc#1056588).
- CVE-2017-12134: The xen_biovec_phys_mergeable function in
drivers/xen/biomerge.c in Xen might allow local OS guest users to
corrupt block device data streams and consequently obtain sensitive
memory information, cause a denial of service, or gain host OS
privileges by leveraging incorrect block IO merge-ability calculation
(bnc#1051790 bnc#1053919).
The following non-security bugs were fixed:
- acpi: apd: Add clock frequency for Hisilicon Hip07/08 I2C controller
(bsc#1049291).
- acpi: apd: Fix HID for...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2017-1017=1
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE Leap 42.3 (noarch):
kernel-devel-4.4.85-22.1
kernel-docs-4.4.85-22.3
kernel-docs-html-4.4.85-22.3
kernel-docs-pdf-4.4.85-22.3
kernel-macros-4.4.85-22.1
kernel-source-4.4.85-22.1
kernel-source-vanilla-4.4.85-22.1
- openSUSE Leap 42.3 (x86_64):
kernel-debug-4.4.85-22.1
kernel-debug-base-4.4.85-22.1
kernel-debug-base-debuginfo-4.4.85-22.1
kernel-debug-debuginfo-4.4.85-22.1
kernel-debug-debugsource-4.4.85-22.1
kernel-debug-devel-4.4.85-22.1
kernel-debug-devel-debuginfo-4.4.85-22.1
kernel-default-4.4.85-22.1
kernel-default-base-4.4.85-22.1
kernel-default-base-debuginfo-4.4.85-22.1
kernel-default-debuginfo-4.4.85-22.1
kernel-default-debugsource-4.4.85-22.1
kernel-default-devel-4.4.85-22.1
kernel-obs-build-4.4.85-22.1
kernel-obs-build-debugsource-4.4.85-22.1
kernel-obs-qa-4.4.85-22.1
kernel-syms-4.4.85-22.1
kernel-vanilla-4.4.85-22.1
kernel-vanilla-base-4.4.85-22.1
kernel-vanilla-base-debuginfo-4.4.85-22.1
kernel-vanilla-debuginfo-4.4.85-22.1
kernel-vanilla-debugsource-4.4.85-22.1
kernel-vanilla-devel-4.4.85-22....
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2017-12134.html
https://www.suse.com/security/cve/CVE-2017-14051.html
https://bugzilla.suse.com/1005776
https://bugzilla.suse.com/1015342
https://bugzilla.suse.com/1020645
https://bugzilla.suse.com/1020657
https://bugzilla.suse.com/1030850
https://bugzilla.suse.com/1031717
https://bugzilla.suse.com/1031784
https://bugzilla.suse.com/1034048
https://bugzilla.suse.com/1037838
https://bugzilla.suse.com/1040813
https://bugzilla.suse.com/1042847
https://bugzilla.suse.com/1047487
https://bugzilla.suse.com/1047989
https://bugzilla.suse.com/1048155
https://bugzilla.suse.com/1048228
https://bugzilla.suse.com/1048325
https://bugzilla.suse.com/1048327
https://bugzilla.suse.com/1048356
https://bugzilla.suse.com/1048501
https://bugzilla.suse.com/1048912
https://bugzilla.suse.com/1048934
https://bugzilla.suse.com/1049226
https://bugzilla.suse.com/1049272
https://bugzilla.suse.com/1049291
https://bugzilla.suse.com/1049336
https://bugzilla.suse.com/1050211
https://bugzilla.suse.com/1050742
htt...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2017:2384-1
Rating: important
Affected Products:
openSUSE Leap 42.3
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!