Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

SUSE: 2021:4567-3 Critical: Kernel Security Flaws Detected

suse
Calendar Grey November 2, 2017
Dist Suse Esm H88
A recent patch addresses various vulnerabilities in the Linux kernel for SUSE environments, vital for maintaining system reliability and efficiency.
An update that solves 36 vulnerabilities and has 22 fixes An update that solves 36 vulnerabilities and has 22 fixes An update that solves 36 vulnerabilities and has 22 fixes is now...

Summary

The SUSE Linux Enterprise 12 GA LTS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bnc#1064388). - CVE-2015-9004: kernel/events/core.c in the Linux kernel mishandled counter grouping, which allowed local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions (bnc#1037306). - CVE-2016-10229: udp.c in the Linux kernel allowed remote attackers to

Topics%20covered

Topics Covered

security advisory critical privilege escalation kernel system update Denial of Service SUSE

References

#1008353 #1012422 #1017941 #1029850 #1030593

#1032268 #1034405 #1034670 #1035576 #1035877

#1036752 #1037182 #1037183 #1037306 #1037994

#1038544 #1038879 #1038981 #1038982 #1039348

#1039349 #1039354 #1039456 #1039721 #1039882

#1039883 #1039885 #1040069 #1041431 #1041958

#1044125 #1045327 #1045487 #1045922 #1046107

#1047408 #1048275 #1049645 #1049882 #1052593

#1053148 #1053152 #1056588 #1056982 #1057179

#1058038 #1058410 #1058507 #1058524 #1062520

#1063667 #1064388 #938162 #975596 #977417

#984779 #985562 #990682

Cross- CVE-2015-9004 CVE-2016-10229 CVE-2016-9604

CVE-2017-1000363 CVE-2017-1000365 CVE-2017-1000380

CVE-2017-10661 CVE-2017-11176 CVE-2017-12153

CVE-2017-12154 CVE-2017-12762 CVE-2017-13080

...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2017:2920-1
Rating: important

Topics%20covered

Topics Covered

security advisory critical privilege escalation kernel system update Denial of Service SUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here