Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

SUSE: 2020:0456-1 Critical: Linux Kernel Security Patch for Attacks

suse
Calendar Grey January 5, 2018
Dist Suse Esm H88
Important Ubuntu Security Patch for OS Kernel tackles 12 vulnerabilities, enhancing protection against risks. Take action now!
An update that solves 14 vulnerabilities and has three An update that solves 14 vulnerabilities and has three An update that solves 14 vulnerabilities and has three fixes is now av...

Summary

The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory (bnc#1068032). - CVE-2017-5753 / "SpectreAttack": Local attackers on systems with modern CPUs featuring deep instruction pipelining could use attacker controllable speculative execution over code patterns in the Linux Kernel to leak content from otherwise not readable memory in the same address space, allowing retrieval of passwords, cryptographic keys and other secrets. This problem is mitigated by adding speculative fencing on affected code paths throughout the Linux kernel. This issue is addressed for the x86_64, IBM Power and IBM zSeries architecture.

Topics%20covered

Topics Covered

security advisory critical update security patch kernel SUSE Linux attack mitigation

References

#1012422 #1045205 #1050231 #1066569 #1066693

#1067678 #1068032 #1068671 #1070771 #1070781

#1071074 #1071470 #1071693 #1071694 #1071695

#1072561 #1072876

Cross- CVE-2017-11600 CVE-2017-13167 CVE-2017-15115

CVE-2017-15868 CVE-2017-16534 CVE-2017-16538

CVE-2017-17448 CVE-2017-17449 CVE-2017-17450

CVE-2017-17558 CVE-2017-5715 CVE-2017-5753

CVE-2017-5754 CVE-2017-8824

Affected Products:

SUSE OpenStack Cloud 6

SUSE Linux Enterprise Server for SAP 12-SP1

SUSE Linux Enterprise Server 12-SP1-LTSS

SUSE Linux Enterprise Module for Public Cloud 12

https://www.suse.com/security/cve/CVE-2017-11600.html

https://www.suse.com/security/cve/CVE-2017-13167.html

https://www.suse.com/security/cve/CVE-2017-15115.html

https://www.suse.com/security/cve/CVE-2017-15868.html

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2018:0031-1
Rating: important

Topics%20covered

Topics Covered

security advisory critical update security patch kernel SUSE Linux attack mitigation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here