Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

SUSE 15: 2018:2980-1 Important: Linux Kernel Security Update

suse
Calendar Grey October 2, 2018
Scroller Suse Esm H88
SUSE has released a crucial security update for the Linux Kernel, addressing 13 vulnerabilities, which encompass significant memory and service-related concerns.
An update that solves 13 vulnerabilities and has 134 fixes is now available

Summary

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-14617: Prevent NULL pointer dereference and panic in hfsplus_lookup() when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory (bsc#1102870) - CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, caused by a lack of block group item validation in check_leaf_item (bsc#1102896). - CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)

References

#1012382 #1043912 #1044189 #1046302 #1046306

#1046307 #1046543 #1050244 #1051510 #1054914

#1055014 #1055117 #1058659 #1060463 #1064232

#1065600 #1065729 #1068032 #1069138 #1071995

#1077761 #1077989 #1078720 #1080157 #1082555

#1083647 #1083663 #1084332 #1085042 #1085262

#1086282 #1089663 #1090528 #1092903 #1093389

#1094244 #1095344 #1096748 #1097105 #1098459

#1098822 #1099922 #1099999 #1100000 #1100001

#1100132 #1101557 #1101669 #1102346 #1102870

#1102875 #1102877 #1102879 #1102882 #1102896

#1103363 #1103387 #1103421 #1103948 #1103949

#1103961 #1104172 #1104353 #1104824 #1105247

#1105524 #1105536 #1105597 #1105603 #1105672

#1105907 #1106007 #1106016 #1106105 #1106121

#1106170 #110...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2018:2980-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.