Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 584
Alerts This Week
Warning Icon 1 584

SUSE: 2018:2366-1 Important: Linux Kernel Security Flaws

suse
Calendar Grey August 16, 2018
Scroller Suse
Essential SUSE security patch for Linux kernel addresses 11 vulnerabilities and ensures vital enhancements for system integrity.
An update that solves 13 vulnerabilities and has four fixes is now available

Summary

The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-8405: An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. (bnc#1099942). - CVE-2017-13305: A information disclosure vulnerability existed in the encrypted-keys handling. (bnc#1094353). - CVE-2018-1000204: A malformed SG_IO ioctl issued for a SCSI device could lead to a local kernel information leak manifesting in up to approximately 1000 memory pages copied to the userspace. The problem has limited scope as non-privileged users usually have no permissions to

References

#1082962 #1083900 #1085107 #1087081 #1089343

#1092904 #1094353 #1096480 #1096728 #1097234

#1098016 #1099924 #1099942 #1100418 #1104475

#1104684 #909361

Cross- CVE-2016-8405 CVE-2017-13305 CVE-2018-1000204

CVE-2018-1068 CVE-2018-1130 CVE-2018-12233

CVE-2018-13053 CVE-2018-13406 CVE-2018-3620

CVE-2018-3646 CVE-2018-5803 CVE-2018-5814

CVE-2018-7492

Affected Products:

SUSE Linux Enterprise Server 11-SP3-LTSS

SUSE Linux Enterprise Server 11-EXTRA

SUSE Linux Enterprise Point of Sale 11-SP3

SUSE Linux Enterprise Debuginfo 11-SP3

https://www.suse.com/security/cve/CVE-2016-8405.html

https://www.suse.com/security/cve/CVE-2017-13305.html

https://www.suse.com/security/cve/CVE-2018-1000204.html

https://www.suse.com/security/cve/CVE-2018-1068.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2018:2366-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.