openSUSE Leap 42.3: 2018:3202-1 Important: Kernel Update
opensuse
October 17, 2018
An update that solves 13 vulnerabilities and has 74 fixes is now available.
Description
The openSUSE Leap 42.3 kernel was updated to 4.4.159 to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2018-13096: A denial of service (out-of-bounds memory access and
BUG) can occur upon encountering an abnormal bitmap size when mounting a
crafted f2fs image (bnc#1100062).
- CVE-2018-13097: There is an out-of-bounds read or a divide-by-zero error
for an incorrect user_block_count in a corrupted f2fs image, leading to
a denial of service (BUG) (bnc#1100061).
- CVE-2018-13098: A denial of service (slab out-of-bounds read and BUG)
can occur for a modified f2fs filesystem image in which FI_EXTRA_ATTR is
set in an inode (bnc#1100060).
- CVE-2018-13099: A denial of service (out-of-bounds memory access and
BUG) can occur for a modified f2fs filesystem image in which an inline
inode contains an invalid reserved blkaddr (bnc#1100059).
- CVE-2018-13100: An issue was discovered in...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2018-1184=1
Package List
- openSUSE Leap 42.3 (x86_64):
kernel-debug-4.4.159-73.1
kernel-debug-base-4.4.159-73.1
kernel-debug-base-debuginfo-4.4.159-73.1
kernel-debug-debuginfo-4.4.159-73.1
kernel-debug-debugsource-4.4.159-73.1
kernel-debug-devel-4.4.159-73.1
kernel-debug-devel-debuginfo-4.4.159-73.1
kernel-default-4.4.159-73.1
kernel-default-base-4.4.159-73.1
kernel-default-base-debuginfo-4.4.159-73.1
kernel-default-debuginfo-4.4.159-73.1
kernel-default-debugsource-4.4.159-73.1
kernel-default-devel-4.4.159-73.1
kernel-obs-build-4.4.159-73.1
kernel-obs-build-debugsource-4.4.159-73.1
kernel-obs-qa-4.4.159-73.1
kernel-syms-4.4.159-73.1
kernel-vanilla-4.4.159-73.1
kernel-vanilla-base-4.4.159-73.1
kernel-vanilla-base-debuginfo-4.4.159-73.1
kernel-vanilla-debuginfo-4.4.159-73.1
kernel-vanilla-debugsource-4.4.159-73.1
kernel-vanilla-devel-4.4.159-73.1
- openSUSE Leap 42.3 (noarch):
kernel-devel-4.4.159-73.1
kernel-docs-4.4.159-73.2
kernel-docs-html-4.4.159-73.2
kernel-docs-pdf-4.4.159-73.2
kernel-macros-4.4.159-73.1
kernel-source-4.4.159-73.1
ker...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2018-13096.html
https://www.suse.com/security/cve/CVE-2018-13097.html
https://www.suse.com/security/cve/CVE-2018-13098.html
https://www.suse.com/security/cve/CVE-2018-13099.html
https://www.suse.com/security/cve/CVE-2018-13100.html
https://www.suse.com/security/cve/CVE-2018-14613.html
https://www.suse.com/security/cve/CVE-2018-14617.html
https://www.suse.com/security/cve/CVE-2018-14633.html
https://www.suse.com/security/cve/CVE-2018-16276.html
https://www.suse.com/security/cve/CVE-2018-16597.html
https://www.suse.com/security/cve/CVE-2018-17182.html
https://www.suse.com/security/cve/CVE-2018-7480.html
https://www.suse.com/security/cve/CVE-2018-7757.html
https://bugzilla.suse.com/1012382
https://bugzilla.suse.com/1044189
https://bugzilla.suse.com/1050549
https://bugzilla.suse.com/1063026
https://bugzilla.suse.com/1065600
https://bugzilla.suse.com/1066223
https://bugzilla.suse.com/1082519
https://bugzilla.suse.com/1082863
https://bugzilla.suse.com/1082979
https://bugzilla...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2018:3202-1
Rating: important
Affected Products:
openSUSE Leap 42.3
le.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!