SUSE: 2018:1855-1 Important: Linux Kernel Security Update

suse

June 29, 2018

An update that solves 14 vulnerabilities and has 15 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-5848: In the function wmi_set_ie(), the length validation code did not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument could have caused a buffer overflow (bnc#1097356) - CVE-2018-1000204: Prevent infoleak caused by incorrect handling of the SG_IO ioctl (bsc#1096728). - CVE-2017-18249: The add_free_nid function did not properly track an allocated nid, which allowed local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads (bnc#1087036) - CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and

Topics Covered

security advisory denial of service kernel update security fix information disclosure SUSE system crash

References

#1068032 #1079152 #1082962 #1083650 #1083900

#1085185 #1086400 #1087007 #1087012 #1087036

#1087086 #1087095 #1089895 #1090534 #1090955

#1092497 #1092552 #1092813 #1092904 #1094033

#1094353 #1094823 #1095042 #1096140 #1096242

#1096281 #1096728 #1097356 #973378

Cross- CVE-2017-13305 CVE-2017-18241 CVE-2017-18249

CVE-2018-1000199 CVE-2018-1000204 CVE-2018-1065

CVE-2018-1092 CVE-2018-1093 CVE-2018-1094

CVE-2018-1130 CVE-2018-3665 CVE-2018-5803

CVE-2018-5848 CVE-2018-7492

Affected Products:

SUSE OpenStack Cloud 7

SUSE Linux Enterprise Server for SAP 12-SP2

SUSE Linux Enterprise Server 12-SP2-LTSS

SUSE Enterprise Storage 4

OpenStack Cloud Magnum Orchestration 7

https://www.suse.com/security/cve/CVE-2017-13305.html

...

Read the Full Advisory

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2018:1855-1

Rating: important

Topics Covered

security advisory denial of service kernel update security fix information disclosure SUSE system crash

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:1855-1 Important: Linux Kernel Security Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:1855-1 Important: Linux Kernel Security Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!