SUSE: 2018:1548-1 Important: Kernel Patch Addresses Critical Issues
suse
June 5, 2018
An update that solves four vulnerabilities and has one errata is now available
Summary
This update for the Linux Kernel 4.4.90-92_45 fixes several issues. The following security issues were fixed: - CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. (bsc#1085447). - CVE-2018-8897: A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions
References
#1083125 #1085447 #1090368 #1090646 #1090869
Cross- CVE-2017-13166 CVE-2018-1087 CVE-2018-8781
CVE-2018-8897
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
https://www.suse.com/security/cve/CVE-2017-13166.html
https://www.suse.com/security/cve/CVE-2018-1087.html
https://www.suse.com/security/cve/CVE-2018-8781.html
https://www.suse.com/security/cve/CVE-2018-8897.html
https://bugzilla.suse.com/1083125
https://bugzilla.suse.com/1085447
https://bugzilla.suse.com/1090368
https://bugzilla.suse.com/1090646
https://bugzilla.suse.com/1090869
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2018:1548-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!