Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2018:3084-1 Important: Linux Kernel Critical Security Advisory

suse
Calendar Grey October 9, 2018
Dist Suse Esm H88
SUSE Linux Kernel has addressed 28 security vulnerabilities, significantly improving both system stability and security. It is advised to apply the recommended updates.
An update that solves 28 vulnerabilities and has 28 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. - CVE-2018-10853: A flaw was found in the way the KVM hypervisor emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest (bnc#1097104). - CVE-2018-10876: A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image. (bnc#1099811) - CVE-2018-10877: Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating

Topics%20covered

Topics Covered

security advisory security update critical DoS kernel system crash SUSE Linux Enterprise

References

#1012382 #1042286 #1062604 #1064232 #1065364

#1082519 #1082863 #1084536 #1085042 #1088810

#1089066 #1092903 #1094466 #1095344 #1096547

#1097104 #1099597 #1099811 #1099813 #1099844

#1099845 #1099846 #1099849 #1099863 #1099864

#1099922 #1099993 #1099999 #1100000 #1100001

#1100152 #1102517 #1102715 #1102870 #1103445

#1104319 #1104495 #1105292 #1105296 #1105322

#1105348 #1105396 #1105536 #1106016 #1106095

#1106369 #1106509 #1106511 #1106512 #1106594

#1107689 #1107735 #1107966 #1108239 #1108399

#1109333

Cross- CVE-2018-10853 CVE-2018-10876 CVE-2018-10877

CVE-2018-10878 CVE-2018-10879 CVE-2018-10880

CVE-2018-10881 CVE-2018-10882 CVE-2018-10883

CVE-2018-10902 CVE-2018-10938 CVE-2018-10940

...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2018:3084-1
Rating: important

Topics%20covered

Topics Covered

security advisory security update critical DoS kernel system crash SUSE Linux Enterprise

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here