SUSE: 2017:1898-1 Important: Systemd Out-Of-Bounds Security Risk

suse

July 19, 2017

An update that solves one vulnerability and has 8 fixes is An update that solves one vulnerability and has 8 fixes is An update that solves one vulnerability and has 8 fixes is now...

Summary

This update for systemd and dracut fixes the following issues: Security issues fixed: - CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload from a DNS server. (bsc#1045290) Non-security issues fixed in systemd: - Automounter issue in combination with NFS volumes (bsc#1040968) - Missing symbolic link for SAS device in /dev/disk/by-path (bsc#1040153) - Add minimal support for boot.d/* scripts in systemd-sysv-convert (bsc#1046750) Non-security issues fixed in dracut: - Bail out if module directory does not exist. (bsc#1043900) - Suppress bogus error message. (bsc#1032029) - Fix module force loading with systemd. (bsc#986216) - Ship udev files required by systemd. (bsc#1040153) - Ignore module resolution errors (e.g. with kgraft). (bsc#1037120) Patch Instructions:

Topics Covered

security advisory software patch SUSE important update out-of-bounds dracut systemd

References

#1032029 #1033238 #1037120 #1040153 #1040968

#1043900 #1045290 #1046750 #986216

Cross- CVE-2017-9445

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP2

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2

SUSE Linux Enterprise Server 12-SP2

SUSE Linux Enterprise Desktop 12-SP2

OpenStack Cloud Magnum Orchestration 7

https://www.suse.com/security/cve/CVE-2017-9445.html

https://bugzilla.suse.com/1032029

https://bugzilla.suse.com/1033238

https://bugzilla.suse.com/1037120

https://bugzilla.suse.com/1040153

https://bugzilla.suse.com/1040968

https://bugzilla.suse.com/1043900

https://bugzilla.suse.com/1045290

https://bugzilla.suse.com/1046750

https://bugzilla.suse.com/986216

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2017:1898-1

Rating: important

Topics Covered

security advisory software patch SUSE important update out-of-bounds dracut systemd

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2017:1898-1 Important: Systemd Out-Of-Bounds Security Risk

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2017:1898-1 Important: Systemd Out-Of-Bounds Security Risk

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!