SUSE-SU-2018:1006-1 Security update for the Linux Kernel (Live Patch 23 for SLE 12)

This update for the Linux Kernel 3.12.61-5280 fixes several issues. The following security issues were fixed: - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. bsc1085447. - CVE-2018-1068: A flaw was found in the Linux kernels implementation of...

SUSE-SU-2018:1018-1 Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-606466 fixes several issues. The following security issues were fixed: - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. bsc1085447. - CVE-2018-1068: A flaw was found in the Linux kernels implementation of...

SUSE-SU-2018:1025-1 Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-606440 fixes several issues. The following security issues were fixed: - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. bsc1085447. - CVE-2018-1068: A flaw was found in the Linux kernels implementation of...

SUSE-SU-2018:1003-1 Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP2)

This update for the Linux Kernel 4.4.114-9267 fixes several issues. The following security issues were fixed: - CVE-2017-13166: Prevent elevation of privilege vulnerability in the v4l2 video driver bsc1085447. - CVE-2018-1068: A flaw in the implementation of 32-bit syscall interface for bridging...

SUSE-SU-2018:0990-1 Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP2)

This update for the Linux Kernel 4.4.114-9264 fixes several issues. The following security issues were fixed: - CVE-2017-13166: Prevent elevation of privilege vulnerability in the v4l2 video driver bsc1085447. - CVE-2018-1068: A flaw in the implementation of 32-bit syscall interface for bridging...

kernel security, bug fix, and enhancement update

3.10.0-862.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-862 - netdrv i40e: Fix attach VF to VM issue Stefan Assmann 1528123 - netdrv ixgbevf:...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Unbreakable Enterprise kernel security update

4.1.12-112.16.7 - mlx4: change the ICM table allocations to lowest needed size Daniel Jurgens Orabug: 27718305 - autofs: use dentry flags to block walks during expire Ian Kent Orabug: 26032471 Orabug: 27766149 - autofs races Al Viro Orabug: 27766149 Orabug: 27766149 - crypto: FIPS - allow tests t...

CVE-2018-5824

In CVE-2018-5824, Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android on CAF-based Linux kernels prior to the 2018-04-05 patch level are vulnerable to a buffer overflow when processing HTT_T2H_MSG_TYPE_RX_FLUSH or HTT_T2H_MSG_TYPE_RX_PN_IND messages if the firmware tid value is out of r...

Important kernel security update: CVE-2018-1068; Virtuozzo ReadyKernel patch 47.0 for Virtuozzo 7.0.7

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the Virtuozzo 7.0 kernel 3.10.0-693.17.1.vz7.43.10 7.0.7. Vulnerability id: CVE-2018-1068 It was discovered that the implementation of ebtables in the kernel did not properly validate th...

Important kernel security update: CVE-2018-1068; Virtuozzo ReadyKernel patch 47.0 for Virtuozzo 7.0.1 to 7.0.6 HF3

The cumulative Virtuozzo ReadyKernel patch was updated with a security fix. The patch applies to all supported Virtuozzo 7.0 kernels except 3.10.0-693.17.1.vz7.43.10 7.0.7. Vulnerability id: CVE-2018-1068 It was discovered that the implementation of ebtables in the kernel did not properly validat...

kernel security and bug fix update

2.6.32-696.23.1.OL6 - Update genkey bug 25599697 2.6.32-696.23.1 - scsi avoid a permanent stop of the scsi device's request queue Ewan Milne 1519857 1513455 - x86 retpoline/hyperv: Convert assembler indirect jumps Waiman Long 1543022 1535645 - x86 specctrl: Upgrade GCC retpoline warning to an err...

SUSE-SU-2018:0591-1 Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP2)

This update for the Linux Kernel 4.4.90-9250 fixes several issues. The following security issue was fixed: - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing instances, allowing a local user able to access the AFALG-based AEAD interface CONFIGCRYPTOUSERAPIAEAD and pcrypt...

SUSE-SU-2018:0592-1 Security update for the Linux Kernel (Live Patch 4 for SLE 12 SP3)

This update for the Linux Kernel 4.4.90-612 fixes several issues. The following security issue was fixed: - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing instances, allowing a local user able to access the AFALG-based AEAD interface CONFIGCRYPTOUSERAPIAEAD and pcrypt...

SUSE-SU-2018:0596-1 Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP3)

This update for the Linux Kernel 4.4.92-630 fixes several issues. The following security issue was fixed: - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing instances, allowing a local user able to access the AFALG-based AEAD interface CONFIGCRYPTOUSERAPIAEAD and pcrypt...

SUSE-SU-2018:0568-1 Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP2)

This update for the Linux Kernel 4.4.49-9211 fixes one issue. The following security issue was fixed: - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing instances, allowing a local user able to access the AFALG-based AEAD interface CONFIGCRYPTOUSERAPIAEAD and pcrypt...

CVE-2017-18208

CVE-2017-18208 affects the Linux kernel prior to 4.14.4. The vulnerability lies in the MADVISE_WILLNEED handling in mm/madvise.c, where triggering MADVISE_WILLNEED for a DAX mapping allows a local attacker to cause a denial of service via an infinite loop. The issue is local in scope and is tied ...

CVE-2018-7273

In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function showfloppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel...

CVE-2018-7273

In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function showfloppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel...

CVE-2018-7169

An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...