Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

SUSE: 2018:0012-1 Important: Kernel Update Mitigates Local Attacks

suse
Calendar Grey January 4, 2018
Dist Suse Esm H88
Essential SUSE Security Patch: The Kernel resolves numerous security flaws and incorporates vital corrections for critical concerns.
An update that solves 5 vulnerabilities and has 13 fixes is An update that solves 5 vulnerabilities and has 13 fixes is An update that solves 5 vulnerabilities and has 13 fixes is ...

Summary

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory (bnc#1068032). - CVE-2017-5753 / "SpecŧreAttack": Local attackers on systems with modern CPUs featuring deep instruction pipelining could use attacker controllable speculative execution over code patterns in the Linux Kernel to leak content from otherwise not readable memory in the same address space, allowing retrieval of passwords, cryptographic keys and other secrets. This problem is mitigated by adding speculative fencing on affected code paths throughout the Linux kernel. - CVE-2017-5715 / "SpectreAttack": Local attackers on systems with modern

Topics%20covered

Topics Covered

security advisory important kernel local attack threat mitigation SUSE

References

#1012382 #1039616 #1047487 #1063043 #1064311

#1065180 #1068032 #1068951 #1071009 #1072556

#1072962 #1073090 #1073792 #1073809 #1073874

#1073912 #964063 #969470

Cross- CVE-2017-17805 CVE-2017-17806 CVE-2017-5715

CVE-2017-5753 CVE-2017-5754

Affected Products:

SUSE Linux Enterprise Workstation Extension 12-SP2

SUSE Linux Enterprise Software Development Kit 12-SP2

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2

SUSE Linux Enterprise Server 12-SP2

SUSE Linux Enterprise Live Patching 12

SUSE Linux Enterprise High Availability 12-SP2

SUSE Linux Enterprise Desktop 12-SP2

OpenStack Cloud Magnum Orchestration 7

https://www.suse.com/security/cve/CVE-2017-17805.html

https://www.suse.com/security/cve/CVE-2017-17806.html

https://www.suse.com/securit...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2018:0012-1
Rating: important

Topics%20covered

Topics Covered

security advisory important kernel local attack threat mitigation SUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here