Explore top 10 tips to secure your open-source projects now. Read More
×
The SLE-11 SP4 kernel was updated to 3.0.101.rt130-68 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the Linux kernel preserved the setgid bit during a setxattr call involving a tmpfs filesystem, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097 (bnc#1021258). - CVE-2016-7097: posix_acl: Clear SGID bit when setting file permissions (bsc#995968). - CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS
#1003077 #1003344 #1003568 #1003677 #1003813
#1003866 #1003925 #1004517 #1004520 #1005857
#1005877 #1005896 #1005903 #1006917 #1006919
#1007615 #1007944 #1008557 #1008645 #1008831
#1008833 #1008893 #1009875 #1010150 #1010175
#1010201 #1010467 #1010501 #1010507 #1010711
#1010716 #1011685 #1011820 #1012411 #1012422
#1012832 #1012851 #1012917 #1013018 #1013038
#1013042 #1013070 #1013531 #1013533 #1013542
#1013604 #1014410 #1014454 #1014746 #1015561
#1015752 #1015760 #1015796 #1015803 #1015817
#1015828 #1015844 #1015848 #1015878 #1015932
#1016320 #1016505 #1016520 #1016668 #1016688
#1016824 #1016831 #1017686 #1017710 #1019148
#1019165 #1019348 #1019783 #1020214 #1021258
#748806 #7631...
Read the Full Advisory
Get the latest Linux and open source security news straight to your inbox.