SUSE: 2017:3297-1 Important: Kernel Live Patch Fixes Critical Threats
suse
December 14, 2017
An update that solves two vulnerabilities and has two fixes An update that solves two vulnerabilities and has two fixes An update that solves two vulnerabilities and has two fixes ...
Summary
This update for the Linux Kernel 4.4.74-92_38 fixes several issues. The following security issues were fixed: - CVE-2017-1000405: Problematic use of pmd_mkdirty() in the touch_pmd() function allowed users to overwrite read-only huge pages (e.g. the zero huge page and sealed shmem files) (bsc#1070307). - CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrm_user.c kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages (bsc#1069708). This non-security issue was fixed: - bsc#1062847: Enable proper shut down if NIC teaming is enabled Patch Instructions: To install this SUSE Security Update use YaST online_update.
References
#1055567 #1062847 #1069708 #1070307
Cross- CVE-2017-1000405 CVE-2017-16939
Affected Products:
SUSE Linux Enterprise Live Patching 12
https://www.suse.com/security/cve/CVE-2017-1000405.html
https://www.suse.com/security/cve/CVE-2017-16939.html
https://bugzilla.suse.com/1055567
https://bugzilla.suse.com/1062847
https://bugzilla.suse.com/1069708
https://bugzilla.suse.com/1070307
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2017:3297-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!