SUSE-SU-2017:2783-1 Security update for Linux Kernel Live Patch 12 for SLE 12 SP1

This update for the Linux Kernel 3.12.69-606429 fixes one issue. The following security bugs were fixed: - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial...

SUSE-SU-2017:2785-1 Security update for Linux Kernel Live Patch 8 for SLE 12 SP1

This update for the Linux Kernel 3.12.62-60648 fixes one issue. The following security bugs were fixed: - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial ...

SUSE-SU-2017:2769-1 Security update for Linux Kernel Live Patch 20 for SLE 12

This update for the Linux Kernel 3.12.61-5269 fixes one issue. The following security bugs were fixed: - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial o...

kernel security and bug fix update

3.10.0-693.5.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.5.2 - mm pagecgroup: Fix Kernel bug during boot with memory cgroups enabled...

Kernel security update: CVE-2017-15274; Virtuozzo ReadyKernel patch 34.0 for Virtuozzo 7.0.x

The cumulative Virtuozzo ReadyKernel patch was updated with a security fix. The patch applies to Virtuozzo kernels 3.10.0-327.18.2.vz7.15.2 Virtuozzo 7.0.0, 3.10.0-327.36.1.vz7.18.7 Virtuozzo 7.0.1, 3.10.0-327.36.1.vz7.20.18 Virtuozzo 7.0.3, 3.10.0-514.16.1.vz7.30.10 Virtuozzo 7.0.4,...

SUSE-SU-2017:2694-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000251: The native Bluetooth stack was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in...

CVE-2017-14991

The sgioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SGGETREQUESTTABLE ioctl call for /dev/sg0...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 5 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important kernel security update: CVE-2017-14489 and other; Virtuozzo ReadyKernel patch 31.1 for Virtuozzo 7.0.0

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to Virtuozzo kernel 3.10.0-327.18.2.vz7.15.2 Virtuozzo 7.0.0. Vulnerability id: PSBM-72405 An unprivileged user inside a container could cause a denial of service kernel crash in userread function using ...

SUSE-SU-2017:2497-1 Security update for Linux Kernel Live Patch 24 for SLE 12

This update for the Linux Kernel 3.12.61-5283 fixes several issues. The following security bugs were fixed: - CVE-2017-1000112: Prevent a race condition in net-packet code that could have been exploited by unprivileged users to gain root access bsc1052368. - CVE-2017-7645: The NFSv2/NFSv3 server ...

SUSE-SU-2017:2476-1 Security update for Linux Kernel Live Patch 26 for SLE 12

This update for the Linux Kernel 3.12.61-5289 fixes several issues. The following security bugs were fixed: - CVE-2017-9242: The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel was too late in checking whether an overwrite of an skb data structure may occur, which allowed local...

kernel: security: The built-in keyrings for security tokens can be joined as a session and then modified by the root user

It was discovered that root can gain direct access to an internal keyring, such as '.dnsresolver' in RHEL-7 or '.builtintrustedkeys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyri...

Kernel security update: CVE-2017-9242 and other; Virtuozzo ReadyKernel patch 30.3 for Virtuozzo 7.0.5

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernel 3.10.0-514.26.1.vz7.33.22 Virtuozzo 7.0.5. Vulnerability id: CVE-2017-7558 A kernel data leak due to an out-of-bound read was found in the Linux kernel in...

Kernel security update: CVE-2017-9242 and other; Virtuozzo ReadyKernel patch 30.3 for Virtuozzo 7.0.0, 7.0.1, and 7.0.3

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-327.18.2.vz7.15.2 Virtuozzo 7.0.0, 3.10.0-327.36.1.vz7.18.7 Virtuozzo 7.0.1, and 3.10.0-327.36.1.vz7.20.18 Virtuozzo 7.0.3. Vulnerability id: CVE-2017-9242 The...

Unbreakable Enterprise kernel security update

kernel-uek 4.1.12-103.3.8 - fs/exec.c: account for argv/envp pointers Kees Cook Orabug: 26638900 CVE-2017-1000365 CVE-2017-1000365 4.1.12-103.3.7 - i40e/i40evf: check for stopped admin queue Mitch Williams Orabug: 26654222 4.1.12-103.3.6 - xen: fix bio vec merging Roger Pau Monne Orabug: 26645497...

Important kernel security update: CVE-2017-1000111 and other; Virtuozzo ReadyKernel patch 29.0 for Virtuozzo 7.0.0, 7.0.1, and 7.0.3

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-327.18.2.vz7.15.2 Virtuozzo 7.0.0, 3.10.0-327.36.1.vz7.18.7 Virtuozzo 7.0.1, and 3.10.0-327.36.1.vz7.20.18 Virtuozzo 7.0.3. Vulnerability id: CVE-2017-1000111 A...

kernel security, bug fix, and enhancement update

...

SUSE-SU-2017:2093-1 Security update for Linux Kernel Live Patch 17 for SLE 12

This update for the Linux Kernel 3.12.60-5260 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege bsc1050751. - CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote...

SUSE-SU-2017:2062-1 Security update for Linux Kernel Live Patch 0 for SLE 12 SP2

This update for the Linux Kernel 4.4.21-69 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege bsc1050751. - CVE-2017-8797: The NFSv4 server in the Linux kernel did not properly validate the layout type whe...

kernel security, bug fix, and enhancement update

...