Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 533
Alerts This Week
Warning Icon 1 533

SUSE: 2018:2862-1 Important: DoS and Memory Issues Fix for Kernel

suse
Calendar Grey September 25, 2018
Scroller Suse Esm H88
Important advisory from SUSE on critical security patches for the Linux Kernel addressing various vulnerabilities impacting SUSE Linux environments.
An update that solves 12 vulnerabilities and has 83 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.155 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occured because of a lack of proper validation that cached inodes are free during allocation (bnc#1100001) - CVE-2018-13095: Prevent denial of service (memory corruption and BUG) that could have occurred for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork (bnc#1099999) - CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000)

References

#1012382 #1015342 #1015343 #1017967 #1019695

#1019699 #1020412 #1021121 #1022604 #1024361

#1024365 #1024376 #1027968 #1030552 #1031492

#1033962 #1042286 #1048317 #1050431 #1053685

#1055014 #1056596 #1062604 #1063646 #1064232

#1066223 #1068032 #1068075 #1069138 #1078921

#1080157 #1083663 #1085042 #1085536 #1085539

#1087092 #1089066 #1090888 #1092903 #1096748

#1097105 #1098822 #1099597 #1099810 #1099832

#1099922 #1099999 #1100000 #1100001 #1100132

#1102346 #1102486 #1102517 #1104485 #1104683

#1105271 #1105296 #1105322 #1105323 #1105392

#1105396 #1105524 #1105536 #1105769 #1106016

#1106105 #1106185 #1106191 #1106229 #1106271

#1106275 #1106276 #1106278 #1106281 #1106283

#1106369 #110...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2018:2862-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.