Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 548
Alerts This Week
Warning Icon 1 548

SUSE Linux Enterprise 11-SP4: 2017:1628-1 Critical: Memory Corruption

suse
Calendar Grey June 21, 2017
Dist Suse Esm H88
SUSE-SU-2018:1234-1 modifies the core components to rectify severe vulnerabilities associated with data integrity and protection improvements.
An update that solves one vulnerability and has four fixes An update that solves one vulnerability and has four fixes An update that solves one vulnerability and has four fixes is ...

Summary

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000364: The default stack guard page was too small and could be "jumped over" by userland programs using more than one page of stack in functions and so lead to memory corruption. This update extends the stack guard page to 1 MB (for 4k pages) and 16 MB (for 64k pages) to reduce this attack vector. This is not a kernel bugfix, but a hardening measure against this kind of userland attack.(bsc#1039348) The following non-security bugs were fixed: - fnic now returns 'DID_IMM_RETRY' if rport is not ready (bsc#1035920). - fnic is now using rport->dd_data to check if rport is online instead of rport_lookup (bsc#1035920). - The rport check location in fnic_queuecommand_lck was corrected

References

#1018074 #1035920 #1039348 #1042921 #1043234

Cross- CVE-2017-1000364

Affected Products:

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Server 11-EXTRA

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2017-1000364.html

https://bugzilla.suse.com/1018074

https://bugzilla.suse.com/1035920

https://bugzilla.suse.com/1039348

https://bugzilla.suse.com/1042921

https://bugzilla.suse.com/1043234

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2017:1628-1
Rating: critical

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.