Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2016:0336-1 Important: Kernel Live Patch Local Privilege Escalation

suse
Calendar Grey February 4, 2016
Dist Suse Esm H88
SUSE Security Advisory for kernel live patch 9 tackles a severe local privilege escalation vulnerability found in SUSE Linux Enterprise.
An update that fixes one vulnerability is now available

Summary

This kernel live patch for Linux Kernel 3.12.51-52.31.1 fixes a security issue: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958601). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-204=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_51-52_31-default-2-2.1 kgraft-patch-3_12_51-52_31-xen-2-2.1

Topics%20covered

Topics Covered

security advisory security issue local privilege critical kernel patch important SUSE Linux

References

#958601

Cross- CVE-2015-8539

Affected Products:

SUSE Linux Enterprise Live Patching 12

https://www.suse.com/security/cve/CVE-2015-8539.html

https://bugzilla.suse.com/show_bug.cgi?id=958601

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2016:0336-1
Rating: important

Topics%20covered

Topics Covered

security advisory security issue local privilege critical kernel patch important SUSE Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here