Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 428
Alerts This Week
Warning Icon 1 428

SUSE: 2017:2102-1 Important: Kernel Live Patch 22 for SLE 12

suse
Calendar Grey August 8, 2017
Dist Suse Esm H88
The latest Linux Kernel Live Patch 22 tackles three critical vulnerabilities on SLE 12, aiming to bolster the system's security and maintain its stability.
An update that fixes three vulnerabilities is now available

Summary

This update for the Linux Kernel 3.12.61-52_77 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751). - CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191). - CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892). Patch Instructions:

References

#1042892 #1046191 #1050751

Cross- CVE-2017-7533 CVE-2017-7645 CVE-2017-9242

Affected Products:

SUSE Linux Enterprise Server for SAP 12

SUSE Linux Enterprise Server 12-LTSS

https://www.suse.com/security/cve/CVE-2017-7533.html

https://www.suse.com/security/cve/CVE-2017-7645.html

https://www.suse.com/security/cve/CVE-2017-9242.html

https://bugzilla.suse.com/1042892

https://bugzilla.suse.com/1046191

https://bugzilla.suse.com/1050751

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2017:2102-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.