SUSE: 2018:2908-1 Important: Multiple Linux Kernel Exploits Addressed

suse

September 27, 2018

An update that solves 19 vulnerabilities and has 19 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP1 kernel was updated receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a local attacker to exploit this vulnerability via a SUID-root binary and obtain full root privileges (bsc#1108912) - CVE-2018-14617: Prevent NULL pointer dereference and panic in hfsplus_lookup() when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory (bsc#1102870) - CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in yurex_read allowed local attackers to use user access read/writes to crash the kernel or potentially escalate privileges (bsc#1106095)

Topics Covered

security advisory denial of service patch important SUSE exploits Linux Kernel

References

#1012382 #1024788 #1062604 #1064233 #1065999

#1090534 #1090955 #1091171 #1092903 #1096547

#1097104 #1097108 #1099811 #1099813 #1099844

#1099845 #1099846 #1099849 #1099863 #1099864

#1099922 #1100001 #1102870 #1103445 #1104319

#1104495 #1104818 #1104906 #1105100 #1105322

#1105323 #1105396 #1106095 #1106369 #1106509

#1106511 #1107689 #1108912

Cross- CVE-2018-10853 CVE-2018-10876 CVE-2018-10877

CVE-2018-10878 CVE-2018-10879 CVE-2018-10880

CVE-2018-10881 CVE-2018-10882 CVE-2018-10883

CVE-2018-10902 CVE-2018-10940 CVE-2018-12896

CVE-2018-13093 CVE-2018-14617 CVE-2018-14634

CVE-2018-16276 CVE-2018-16658 CVE-2018-6554

CVE-2018-6555

Affected Products:

SUSE Linux Enterprise Server 12-SP1-LTSS

SUS...

Read the Full Advisory

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2018:2908-1

Rating: important

Topics Covered

security advisory denial of service patch important SUSE exploits Linux Kernel

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:2908-1 Important: Multiple Linux Kernel Exploits Addressed

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:2908-1 Important: Multiple Linux Kernel Exploits Addressed

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!