Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

SUSE: 2017:3107-1 Critical: Kernel-Updates Vulnerability Patch

suse
Calendar Grey November 27, 2017
Dist Suse Esm H88
SUSE reveals a new security patch for kernel-firmware tackling significant replay attack flaws. Get the full details here!
An update that fixes two vulnerabilities is now available

Summary

This update for kernel-firmware fixes the following issues: - Update Intel WiFi firmwares for the 3160, 7260 and 7265 adapters. Security issues fixed are part of the "KRACK" attacks affecting the firmware: - CVE-2017-13080: The reinstallation of the Group Temporal key could be used for replay attacks (bsc#1066295): - CVE-2017-13081: The reinstallation of the Integrity Group Temporal key could be used for replay attacks (bsc#1066295): Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1918=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1918=1

References

#1066295

Cross- CVE-2017-13080 CVE-2017-13081

Affected Products:

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2

SUSE Linux Enterprise Server 12-SP3

SUSE Linux Enterprise Server 12-SP2

SUSE Linux Enterprise Desktop 12-SP3

SUSE Linux Enterprise Desktop 12-SP2

SUSE Container as a Service Platform ALL

https://www.suse.com/security/cve/CVE-2017-13080.html

https://www.suse.com/security/cve/CVE-2017-13081.html

https://bugzilla.suse.com/1066295

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2017:3106-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.