Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

SUSE: 2018:2374-1 Important: Linux Kernel DoS & Sensitivity Leak Fixes

suse
Calendar Grey August 16, 2018
Scroller Suse
SUSE Security Bulletin tackles significant Linux Kernel concerns by implementing a range of corrections and addressing security loopholes.
An update that solves 6 vulnerabilities and has 63 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP3 Azure kernel was updated to 4.4.143 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthreads on the same CPU core, potentially leaking sensitive data. (bnc#1087081). - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthreads on the same CPU core, potentially leaking sensitive data, even from other virtual machines or the host system. (bnc#1089343). - CVE-2018-5391: A flaw in the IP packet reassembly could be used by

References

#1012382 #1023711 #1064232 #1076110 #1078216

#1082653 #1082979 #1085042 #1085536 #1085657

#1087081 #1087659 #1089343 #1089525 #1090123

#1090340 #1090435 #1090888 #1091107 #1092001

#1092207 #1093777 #1094120 #1094244 #1095453

#1095643 #1096790 #1096978 #1097034 #1097501

#1097771 #1098599 #1099306 #1099713 #1099792

#1099810 #1099858 #1099918 #1099966 #1099993

#1100089 #1100132 #1100340 #1100843 #1100930

#1101296 #1101331 #1101658 #1101789 #1102188

#1102197 #1102203 #1102205 #1102207 #1102211

#1102214 #1102215 #1102340 #1102394 #1102683

#1102851 #1103097 #1103119 #1103580 #1103717

#1103745 #1103884 #1104174 #997935

Cross- CVE-2017-18344 CVE-2018-14734 CVE-2018-3620

CVE-2018-3646 CVE-2018-5390 CVE-2018...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2018:2374-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.