SUSE: 2018:2879-1 Important: Kernel Security Fixes - Denial of Service

suse

September 26, 2018

An update that solves 12 vulnerabilities and has 48 fixes is now available

Summary

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-14617: Prevent NULL pointer dereference and panic in hfsplus_lookup() when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory (bsc#1102870). - CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in yurex_read allowed local attackers to use user access read/writes to crash the kernel or potentially escalate privileges (bsc#1106095). - CVE-2018-15594: Ensure correct handling of indirect calls, to prevent attackers for conducting Spectre-v2 attacks against paravirtual guests (bsc#1105348).

Topics Covered

security advisory critical access control kernel Denial of Service SUSE

References

#1037441 #1045538 #1047487 #1048185 #1050381

#1050431 #1057199 #1060245 #1064861 #1068032

#1080157 #1087081 #1092772 #1092903 #1093666

#1096547 #1097562 #1098822 #1099922 #1100132

#1100705 #1102517 #1102870 #1103119 #1103884

#1103909 #1104481 #1104684 #1104818 #1104901

#1105100 #1105322 #1105348 #1105536 #1105723

#1106095 #1106105 #1106199 #1106202 #1106206

#1106209 #1106212 #1106369 #1106509 #1106511

#1106609 #1106886 #1106930 #1106995 #1107001

#1107064 #1107071 #1107650 #1107689 #1107735

#1107949 #1108096 #1108170 #1108823 #1108912

Cross- CVE-2018-10902 CVE-2018-10940 CVE-2018-12896

CVE-2018-14617 CVE-2018-14634 CVE-2018-14734

CVE-2018-15572 CVE-2018-15594 CVE-2018-16276

CVE-201...

Read the Full Advisory

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2018:2879-1

Rating: important

Topics Covered

security advisory critical access control kernel Denial of Service SUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:2879-1 Important: Kernel Security Fixes - Denial of Service

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:2879-1 Important: Kernel Security Fixes - Denial of Service

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!