Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 547
Alerts This Week
Warning Icon 1 547

SUSE Linux Enterprise - 2018:3088-1 Important Kernel Security Update

suse
Calendar Grey October 9, 2018
Dist Suse Esm H88
SUSE has released a security patch that resolves 12 vulnerabilities within the Linux kernel, incorporating key enhancements. A system reboot is necessary after the update.
An update that solves 12 vulnerabilities and has 43 fixes is now available

Summary

The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a local attacker to exploit this vulnerability via a SUID-root binary and obtain full root privileges (bsc#1108912) - CVE-2018-14617: Prevent NULL pointer dereference and panic in hfsplus_lookup() when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory (bsc#1102870) - CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in yurex_read allowed local attackers to use user access read/writes to crash the kernel or potentially escalate privileges (bsc#1106095)

References

#1045538 #1048185 #1050381 #1050431 #1057199

#1060245 #1064861 #1068032 #1080157 #1087081

#1092772 #1092903 #1093666 #1096547 #1098822

#1099922 #1100132 #1100705 #1102517 #1102870

#1103119 #1104481 #1104684 #1104818 #1104901

#1105100 #1105322 #1105348 #1105536 #1105723

#1106095 #1106105 #1106199 #1106202 #1106206

#1106209 #1106212 #1106369 #1106509 #1106511

#1106609 #1106886 #1106930 #1106995 #1107001

#1107064 #1107071 #1107650 #1107689 #1107735

#1107949 #1108096 #1108170 #1108823 #1108912

Cross- CVE-2018-10902 CVE-2018-10940 CVE-2018-12896

CVE-2018-14617 CVE-2018-14634 CVE-2018-14734

CVE-2018-15572 CVE-2018-15594 CVE-2018-16276

CVE-2018-16658 CVE-2018-6554 CVE-2018-6555

Affected Pr...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2018:3088-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.