Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

SUSE: 2017:3165-1 Critical Update: Linux Kernel Denial of Service Fix

suse
Calendar Grey November 30, 2017
Dist Suse Esm H88
Crucial SUSE Security Patch for the Linux Kernel addresses significant concerns and weaknesses impacting overall system reliability.
An update that solves 5 vulnerabilities and has 17 fixes is An update that solves 5 vulnerabilities and has 17 fixes is An update that solves 5 vulnerabilities and has 17 fixes is ...

Summary

The SUSE Linux Enterprise 11 SP4 Realtime kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bnc#1063667). - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192 (bnc#1045327). - CVE-2017-15265: Race condition in the ALSA subsystem in the Linux kernel

Topics%20covered

Topics Covered

security advisory update DoS important kernel SUSE

References

#1022967 #1036286 #1044228 #1045327 #1052593

#1053317 #1056230 #1056504 #1057796 #1059051

#1059525 #1060245 #1060665 #1061017 #1061180

#1062520 #1062842 #1063301 #1063544 #1063667

#909484 #996376

Cross- CVE-2017-1000253 CVE-2017-13080 CVE-2017-14489

CVE-2017-15265 CVE-2017-15274

Affected Products:

SUSE Linux Enterprise Real Time Extension 11-SP4

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2017-1000253.html

https://www.suse.com/security/cve/CVE-2017-13080.html

https://www.suse.com/security/cve/CVE-2017-14489.html

https://www.suse.com/security/cve/CVE-2017-15265.html

https://www.suse.com/security/cve/CVE-2017-15274.html

https://bugzilla.suse.com/1022967

https://bugzilla.suse.com/1036286

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2017:3165-1
Rating: important

Topics%20covered

Topics Covered

security advisory update DoS important kernel SUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here