SUSE Security Update: Security update for Linux Kernel Live Patch 6 for SLE 12 SP2
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1925-1
Rating:             important
References:         #1031481 #1031660 #1039496 
Cross-References:   CVE-2017-1000364
Affected Products:
                    SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

   An update that solves one vulnerability and has two fixes
   is now available.

Description:

   This update for the Linux Kernel 4.4.49-92_14 fixes several issues.

   The following security bugs were fixed:

   - CVE-2017-1000364: An issue was discovered in the size of the stack guard
     page on Linux, specifically a 4k stack guard page is not sufficiently
     large and can be "jumped" over (the stack guard page is bypassed)
     (bsc#1039496).


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Live Patching 12:

      zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1196=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Live Patching 12 (x86_64):

      kgraft-patch-4_4_49-92_14-default-3-3.1


References:

   https://www.suse.com/security/cve/CVE-2017-1000364.html
   https://bugzilla.suse.com/1031481
   https://bugzilla.suse.com/1031660
   https://bugzilla.suse.com/1039496

SuSE: 2017:1925-1: important: Linux Kernel Live Patch 6 for SLE 12 SP2

July 21, 2017
An update that solves one vulnerability and has two fixes An update that solves one vulnerability and has two fixes An update that solves one vulnerability and has two fixes is now...

Summary

This update for the Linux Kernel 4.4.49-92_14 fixes several issues. The following security bugs were fixed: - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed) (bsc#1039496). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1196=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_49-92_14-default-3-3.1

References

#1031481 #1031660 #1039496

Cross- CVE-2017-1000364

Affected Products:

SUSE Linux Enterprise Live Patching 12

https://www.suse.com/security/cve/CVE-2017-1000364.html

https://bugzilla.suse.com/1031481

https://bugzilla.suse.com/1031660

https://bugzilla.suse.com/1039496

Severity
Announcement ID: SUSE-SU-2017:1925-1
Rating: important

Related News

32.Lock Code Circular Esm H170
2 - 4 min read
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its
6.EmailConnection Touch Esm H170
2 - 3 min read
Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and
20.Lock AbstractDigital Circular Esm H170
2 - 3 min read
Google has released fixes for a high-severity Chromium security flaw ( CVE-2024-5274 ) impacting its widely used Chrome browser and other
20.Lock AbstractDigital Circular Esm H170
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server (apache2) impacting versions
24.Key Code Esm H170
2 - 4 min read
Security researchers recently issued an update detailing how attackers are exploiting a PHP code execution vulnerability to spread TellYouThePass
8.Locks HexConnections CodeGlobe Esm H170
2 - 4 min read
A new backdoor, "Noodle RAT" has caused widespread alarm across the cybersecurity landscape. Research highlights this previously undisclosed malware
30.Lock Globe Motherboard Esm H170
3 - 5 min read
An update to OpenSSH , an open-source implementation of the Secure Shell (SSH) protocol, will introduce options to penalize unwanted behavior and
11.Locks IsometricPattern Esm H170
2 - 3 min read
Gitloker attacks have emerged with increased frequency in recent weeks, targeting GitHub repositories by wiping them clean of all content before

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved