Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 554
Alerts This Week
Warning Icon 1 554

SUSE Linux 12-SP1: 2017:1360-1 Important: Kernel Denial Of Service

suse
Calendar Grey May 19, 2017
Scroller Suse Esm H88
Important SUSE Kernel Patch: 30 vulnerabilities addressed with detailed fix guidelines included.
An update that solves 30 vulnerabilities and has 72 fixes An update that solves 30 vulnerabilities and has 72 fixes An update that solves 30 vulnerabilities and has 72 fixes is now...

Summary

The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.74 to receive various security and bugfixes. Notable new/improved features: - Improved support for Hyper-V - Support for the tcp_westwood TCP scheduling algorithm The following security bugs were fixed: - CVE-2017-8106: The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel allowed privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer (bsc#1035877). - CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type. (bsc#1029850).

References

#1003077 #1008842 #1009682 #1012620 #1012985

#1015703 #1015787 #1015821 #1017512 #1018100

#1018263 #1018419 #1018446 #1019168 #1019514

#1020048 #1020795 #1021256 #1021374 #1021762

#1021913 #1022559 #1022971 #1023164 #1023207

#1023377 #1023762 #1023824 #1023888 #1023992

#1024081 #1024234 #1024309 #1024508 #1024788

#1025039 #1025235 #1025354 #1025802 #1026024

#1026722 #1026914 #1027066 #1027178 #1027189

#1027190 #1027974 #1028041 #1028415 #1028595

#1028648 #1028895 #1029470 #1029850 #1029986

#1030118 #1030213 #1030593 #1030901 #1031003

#1031052 #1031080 #1031440 #1031567 #1031579

#1031662 #1031842 #1032125 #1032141 #1032344

#1032345 #1033336 #1034670 #103470 #1034700

#1035576 #1035...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2017:1360-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.