
SUSE 2018:0386-1 Important: Docker And Containerd DoS And Data Loss

February 7, 2018
SUSE has released a Security Update addressing vulnerabilities in docker and containerd, enhancing both security measures and operational stability.
An update that solves two vulnerabilities and has 17 fixes is now available.

Summary

This update for docker, docker-runc, containerd, golang-github-docker-libnetwork fixes several issues.

These security issues were fixed:

- CVE-2017-16539: The DefaultLinuxSpec function in oci/defaults.go in docker did not block /proc/scsi pathnames, which allowed attackers to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a "scsi remove-single-device" line to /proc/scsi/scsi, aka SCSI MICDROP (bnc#1066801)
- CVE-2017-14992: Lack of content verification in docker allowed a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing. (bnc#1066210)

These non-security issues were fixed:

- bsc#1059011: The systemd service helper script used a timeout of 60
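
A defensive check for the CVE-2017-16539 condition described above, added here as an illustration and not code from SUSE or Docker: it classifies a container's OCI runtime spec by whether /proc/scsi/scsi is blocked. It assumes the spec is a parsed config.json using the OCI runtime-spec keys linux.maskedPaths and linux.readonlyPaths; the sample specs and function names are constructed for the example.

```python
import json
import posixpath

TARGET = "/proc/scsi/scsi"  # file named in the advisory text

def covers(entry, target):
    """True if `entry` is `target` itself or one of its parent directories."""
    entry = posixpath.normpath(entry)
    return target == entry or target.startswith(entry.rstrip("/") + "/")

def scsi_exposure(spec, target=TARGET):
    """Classify an OCI runtime spec (parsed config.json): masked / readonly / exposed."""
    linux = spec.get("linux") or {}  # a spec with no linux section configures no masks
    if any(covers(p, target) for p in linux.get("maskedPaths") or []):
        return "masked"
    if any(covers(p, target) for p in linux.get("readonlyPaths") or []):
        return "readonly"
    return "exposed"

def exposed_containers(specs):
    """Return the names of containers whose spec leaves the target writable."""
    return sorted(n for n, raw in specs.items()
                  if scsi_exposure(json.loads(raw)) == "exposed")

# Constructed sample specs (not taken from the advisory), trimmed to the relevant keys.
SAMPLES = {
    "unpatched": '{"linux": {"maskedPaths": ["/proc/kcore", "/proc/timer_list"],'
                 ' "readonlyPaths": ["/proc/sys", "/proc/bus"]}}',
    "patched": '{"linux": {"maskedPaths": ["/proc/kcore", "/proc/scsi"],'
               ' "readonlyPaths": ["/proc/sys"]}}',
    "ro-only": '{"linux": {"maskedPaths": ["/proc/kcore"],'
               ' "readonlyPaths": ["/proc/scsi/"]}}',
    "no-linux-section": '{"ociVersion": "1.0.0"}',
    # A sibling path with the same prefix must not count as covering /proc/scsi.
    "lookalike": '{"linux": {"maskedPaths": ["/proc/scsi_old"]}}',
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:18} {scsi_exposure(json.loads(raw))}")
    print("needs attention:", exposed_containers(SAMPLES))
```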

References

#1021227 #1029320 #1032287 #1045628 #1046024

#1048046 #1051429 #1053532 #1055676 #1057743

#1058173 #1059011 #1064926 #1065109 #1066210

#1066801 #1069468 #1069758 #1072798

Cross-References: CVE-2017-14992 CVE-2017-16539

Affected Products:

SUSE OpenStack Cloud 6

SUSE Linux Enterprise Module for Containers 12

https://www.suse.com/security/cve/CVE-2017-14992.html

https://www.suse.com/security/cve/CVE-2017-16539.html

https://bugzilla.suse.com/1021227

https://bugzilla.suse.com/1029320

https://bugzilla.suse.com/1032287

https://bugzilla.suse.com/1045628

https://bugzilla.suse.com/1046024

https://bugzilla.suse.com/1048046

https://bugzilla.suse.com/1051429

https://bugzilla.suse.com/1053532

https://bugzilla.suse.com/1055676

https://bugzilla.suse.com/1057743

Severity
important

Announcement ID: SUSE-SU-2018:0386-1
Rating: important
