SUSE Linux Enterprise Server: 2018:0115-1 Important Kernel Security Update

suse

January 16, 2018

An update that solves 14 vulnerabilities and has one errata is now available.

Summary

The SUSE Linux Enterprise 12 GA LTSS kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory (bnc#1068032). - CVE-2017-5753 / "SpectreAttack": Local attackers on systems with modern CPUs featuring deep instruction pipelining could use attacker controllable speculative execution over code patterns in the Linux Kernel to leak content from otherwise not readable memory in the same address space, allowing retrieval of passwords, cryptographic keys and other secrets. This problem is mitigated by adding speculative fencing on affected code paths throughout the Linux kernel. This issue is addressed for the x86_64, the IBM Power and IBM zSeries architecture.

Topics Covered

security advisory kernel update important system patch security issues SUSE Linux Enterprise Server local attacks

References

#1045205 #1050231 #1066569 #1066693 #1068032

#1068671 #1070771 #1070781 #1071074 #1071470

#1071693 #1071694 #1071695 #1072561 #1072876

Cross- CVE-2017-11600 CVE-2017-13167 CVE-2017-15115

CVE-2017-15868 CVE-2017-16534 CVE-2017-16538

CVE-2017-17448 CVE-2017-17449 CVE-2017-17450

CVE-2017-17558 CVE-2017-5715 CVE-2017-5753

CVE-2017-5754 CVE-2017-8824

Affected Products:

SUSE Linux Enterprise Server 12-LTSS

SUSE Linux Enterprise Module for Public Cloud 12

https://www.suse.com/security/cve/CVE-2017-11600.html

https://www.suse.com/security/cve/CVE-2017-13167.html

https://www.suse.com/security/cve/CVE-2017-15115.html

https://www.suse.com/security/cve/CVE-2017-15868.html

https://www.suse.com/security/cve/CVE-2017-16534.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2018:0115-1

Rating: important

Topics Covered

security advisory kernel update important system patch security issues SUSE Linux Enterprise Server local attacks

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Linux Enterprise Server: 2018:0115-1 Important Kernel Security Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Linux Enterprise Server: 2018:0115-1 Important Kernel Security Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!