SUSE: 2018:1173-2 Important: Linux Kernel Denial of Service Issues

suse

October 18, 2018

An update that solves 9 vulnerabilities and has 27 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to 4.4.121 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability that allowed local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bnc#1090643). - CVE-2018-10124: The kill_something_info function in kernel/signal.c might have allowed local users to cause a denial of service via an INT_MIN argument (bnc#1089752). - CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might have allowed local users to cause a denial of service by triggering an attempted use of the -INT_MIN value (bnc#1089608).

Topics Covered

security advisory denial of service code execution important SUSE Linux Kernel

References

#1012382 #1031717 #1046610 #1057734 #1070536

#1075428 #1076847 #1077560 #1082153 #1082299

#1083125 #1083745 #1083836 #1084353 #1084610

#1084721 #1084829 #1085042 #1085185 #1085224

#1085402 #1085404 #1086162 #1086194 #1087088

#1087260 #1087845 #1088241 #1088242 #1088600

#1088684 #1089198 #1089608 #1089644 #1089752

#1090643

Cross- CVE-2017-18257 CVE-2018-10087 CVE-2018-10124

CVE-2018-1087 CVE-2018-7740 CVE-2018-8043

CVE-2018-8781 CVE-2018-8822 CVE-2018-8897

Affected Products:

SUSE Linux Enterprise Server 12-SP2-BCL

https://www.suse.com/security/cve/CVE-2017-18257.html

https://www.suse.com/security/cve/CVE-2018-10087.html

https://www.suse.com/security/cve/CVE-2018-10124.html

https://www.suse.com/security/cve/CVE-2018-1087.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2018:1173-2

Rating: important

Topics Covered

security advisory denial of service code execution important SUSE Linux Kernel

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:1173-2 Important: Linux Kernel Denial of Service Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:1173-2 Important: Linux Kernel Denial of Service Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!