SUSE-SU-2018:4208-1 Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP3)

This update for the Linux Kernel 4.4.103-638 fixes one issue. The following security issue was fixed: - CVE-2018-5848: Fixed an unsigned integer overflow in wmisetie. This could lead to a buffer overflow bsc1097356...

Security update for the Linux Kernel (important)

The openSUSE Leap 15.0 kernel was updated to 4.12.14-lp150.12.28.1 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-18281: The mremap syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate removes entries from the...

SUSE-SU-2018:4127-1 Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP2)

This update for the Linux Kernel 4.4.114-9264 fixes one issue. The following security issue was fixed: - CVE-2018-5848: Fixed an unsigned integer overflow in wmisetie. This could lead to a buffer overflow bsc1097356...

SUSE-SU-2018:3265-1 Security update for the Linux Kernel (Live Patch 38 for SLE 12)

This update for the Linux Kernel 3.12.61-52146 fixes several issues. The following security issues were fixed: - CVE-2018-14633: A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator i...

SUSE-SU-2018:3238-1 Security update for the Linux Kernel (Live Patch 29 for SLE 12)

This update for the Linux Kernel 3.12.61-52106 fixes several issues. The following security issues were fixed: - CVE-2018-17182: The vmacacheflushall function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free and possibly gain privileges via certain...

Important: kernel

Issue Overview: A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the...

SUSE-SU-2018:2981-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-14617: Prevent NULL pointer dereference and panic in hfspluslookup when opening a file that is purportedly a hard link in an hfs+ filesystem that has...

SUSE-SU-2018:2961-1 Security update for the Linux Kernel (Live Patch 16 for SLE 12 SP3)

This update for the Linux Kernel 4.4.143-9447 fixes several issues. The following security issues were fixed: - CVE-2018-5390: Prevent very expensive calls to tcpcollapseofoqueue and tcppruneofoqueue for every incoming TCP packet which can lead to a denial of service bsc1102682. - CVE-2018-10938:...

SUSE-SU-2018:2938-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15)

This update for the Linux Kernel 4.12.14-256 fixes one issue. The following security issue was fixed: - CVE-2018-10938: It was found that a crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipsov4optptr function in net/ipv4/cipsoipv4.c...

SUSE-SU-2018:2940-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15)

This update for the Linux Kernel 4.12.14-253 fixes several issues. The following security issues were fixed: - CVE-2018-10938: It was found that a crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipsov4optptr function in net/ipv4/cipsoipv4...

SUSE-SU-2018:2933-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15)

This update for the Linux Kernel 4.12.14-2511 fixes several issues. The following security issues were fixed: - CVE-2018-15471: An issue was discovered in xenvifsethashmapping in drivers/net/xen-netback/hash.c. The Linux netback driver allowed frontends to control mapping of requests to request...

SUSE-SU-2018:2862-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.155 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-13093: Prevent NULL pointer dereference and panic in lookupslow on a NULL inode-iops pointer when doing pathwalks on a corrupted xfs image...

SUSE-SU-2018:2860-1 Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP2)

This update for the Linux Kernel 4.4.114-9264 fixes several issues. The following security issues were fixed: - CVE-2018-5390: Prevent very expensive calls to tcpcollapseofoqueue and tcppruneofoqueue for every incoming TCP packet which can lead to a denial of service bsc1102682. - CVE-2018-100002...

CVE-2018-16276

An issue was discovered in yurexread in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges...

CVE-2018-14619

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each afalgctx was freed instead of when the aeadtfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user bein...

SUSE-SU-2018:2374-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP3 Azure kernel was updated to 4.4.143 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the ...

SUSE-SU-2018:2363-1 Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-606482 fixes several issues. The following security issues were fixed: - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

SUSE-SU-2018:2369-1 Security update for the Linux Kernel (Live Patch 36 for SLE 12)

This update for the Linux Kernel 3.12.61-52136 fixes several issues. The following security issues were fixed: - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

SUSE-SU-2018:2345-1 Security update for the Linux Kernel (Live Patch 34 for SLE 12)

This update for the Linux Kernel 3.12.61-52128 fixes several issues. The following security issues were fixed: - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

SUSE-SU-2018:2328-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.143 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-5390 aka 'SegmentSmack': Linux kernel could be forced to make very expensive calls to tcpcollapseofoqueue and tcppruneofoqueue for every...