Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 596
Alerts This Week
Warning Icon 1 596

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":100,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -8 articles for you...
100

SUSE: 2018:3100-1 Important: Linux Kernel Use-After-Free Risk

An update that solves one vulnerability and has one errata is now available. . SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3100-1 Rating: important References: #1108399 #1109967 Cross-References: CVE-2018-17182 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-EXTRA SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-17182: An issue was discovered in the Linux kernel The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bnc#1108399). The following non-security bugs were fixed: - x86/fpu: Do not do __thread_fpu_end() if use_eager_fpu() (bnc#1109967). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-kernel-20181003-13812=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-kernel-20181003-13812=1 - SUSE Linux Enterprise Server 11-EXTRA: zypper in -t patchslexsp3-kernel-20181003-13812=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-kernel-20181003-13812=1 Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch): kernel-docs-3.0.101-108.77.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-3.0.101-108.77.1 kernel-default-base-3.0.101-108.77.1 kernel-default-devel-3.0.101-108.77.1 kernel-source-3.0.101-108.77.1 kernel-syms-3.0.101-108.77.1 kernel-trace-3.0.101-108.77.1 kernel-trace-base-3.0.101-108.77.1 kernel-trace-devel-3.0.101-108.77.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): kernel-ec2-3.0.101-108.77.1 kernel-ec2-base-3.0.101-108.77.1 kernel-ec2-devel-3.0.101-108.77.1 kernel-xen-3.0.101-108.77.1 kernel-xen-base-3.0.101-108.77.1 kernel-xen-devel-3.0.101-108.77.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64): kernel-bigmem-3.0.101-108.77.1 kernel-bigmem-base-3.0.101-108.77.1 kernel-bigmem-devel-3.0.101-108.77.1 kernel-ppc64-3.0.101-108.77.1 kernel-ppc64-base-3.0.101-108.77.1 kernel-ppc64-devel-3.0.101-108.77.1 - SUSE Linux Enterprise Server 11-SP4 (s390x): kernel-default-man-3.0.101-108.77.1 - SUSE Linux Enterprise Server 11-SP4 (i586): kernel-pae-3.0.101-108.77.1 kernel-pae-base-3.0.101-108.77.1 kernel-pae-devel-3.0.101-108.77.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-3.0.101-108.77.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64): kernel-xen-extra-3.0.101-108.77.1 - SUSE Linux Enterprise Server 11-EXTRA (x86_64): kernel-trace-extra-3.0.101-108.77.1 - SUSE Linux Enterprise Server 11-EXTRA (ppc64): kernel-ppc64-extra-3.0.101-108.77.1 - SUSE Linux Enterprise Server 11-EXTRA (i586): kernel-pae-extra-3.0.101-108.77.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64ppc64 s390x x86_64): kernel-default-debuginfo-3.0.101-108.77.1 kernel-default-debugsource-3.0.101-108.77.1 kernel-trace-debuginfo-3.0.101-108.77.1 kernel-trace-debugsource-3.0.101-108.77.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64): kernel-default-devel-debuginfo-3.0.101-108.77.1 kernel-trace-devel-debuginfo-3.0.101-108.77.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): kernel-ec2-debuginfo-3.0.101-108.77.1 kernel-ec2-debugsource-3.0.101-108.77.1 kernel-xen-debuginfo-3.0.101-108.77.1 kernel-xen-debugsource-3.0.101-108.77.1 kernel-xen-devel-debuginfo-3.0.101-108.77.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64): kernel-bigmem-debuginfo-3.0.101-108.77.1 kernel-bigmem-debugsource-3.0.101-108.77.1 kernel-ppc64-debuginfo-3.0.101-108.77.1 kernel-ppc64-debugsource-3.0.101-108.77.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586): kernel-pae-debuginfo-3.0.101-108.77.1 kernel-pae-debugsource-3.0.101-108.77.1 kernel-pae-devel-debuginfo-3.0.101-108.77.1 References: https://www.suse.com/security/cve/CVE-2018-17182.html https://bugzilla.suse.com/1108399 https://bugzilla.suse.com/1109967 _______________________________________________ sle-security-updates mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. http://lists.suse.com/mailman/listinfo/sle-security-updates . SUSE has released a security patch addressing a kernel vulnerability that permits privilege escalation via a use-after-free exploitation technique. More information available.. SUSE Linux Kernel Update, Security Vulnerability Fix, SUSE Advisory, Kernel Security Patch. . LinuxSecurity.com Team

Calendar%202 Oct 11, 2018 SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":100,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200