SUSE-SU-2018:2933-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15)

This update for the Linux Kernel 4.12.14-2511 fixes several issues. The following security issues were fixed: - CVE-2018-15471: An issue was discovered in xenvifsethashmapping in drivers/net/xen-netback/hash.c. The Linux netback driver allowed frontends to control mapping of requests to request...

SUSE-SU-2018:2860-1 Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP2)

This update for the Linux Kernel 4.4.114-9264 fixes several issues. The following security issues were fixed: - CVE-2018-5390: Prevent very expensive calls to tcpcollapseofoqueue and tcppruneofoqueue for every incoming TCP packet which can lead to a denial of service bsc1102682. - CVE-2018-100002...

CVE-2018-16276

An issue was discovered in yurexread in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges...

CVE-2018-14619

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each afalgctx was freed instead of when the aeadtfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user bein...

SUSE-SU-2018:2369-1 Security update for the Linux Kernel (Live Patch 36 for SLE 12)

This update for the Linux Kernel 3.12.61-52136 fixes several issues. The following security issues were fixed: - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

EUVD-2017-9469

The timercreate syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent-sigevnotify field, which leads to out-of-bounds access in the showtimer function called when /proc/$PID/timers is read. This allows userspace applications ...

SUSE-SU-2018:1514-1 Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-606448 fixes several issues. The following security issues were fixed: - CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. bsc1085447. - CVE-2018-8897: A statement in the System Programming Guide of the Inte...

SUSE-SU-2018:1539-1 Security update for the Linux Kernel (Live Patch 33 for SLE 12)

This update for the Linux Kernel 3.12.61-52125 fixes several issues. The following security issues were fixed: - CVE-2018-8897: A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all...

SUSE-SU-2018:1254-1 Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-606451 fixes several issues. The following security issues were fixed: - CVE-2018-1000199: A bug in x86 debug register handling of ptrace could lead to memory corruption, possibly a denial of service or privilege escalation bsc1090036. - CVE-2017-0861:...

SUSE-SU-2018:1255-1 Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-606485 fixes several issues. The following security issues were fixed: - CVE-2018-1000199: A bug in x86 debug register handling of ptrace could lead to memory corruption, possibly a denial of service or privilege escalation bsc1090036. - CVE-2017-0861:...

SUSE-SU-2018:1234-1 Security update for the Linux Kernel (Live Patch 28 for SLE 12)

This update for the Linux Kernel 3.12.61-52101 fixes several issues. The following security issues were fixed: - CVE-2018-1000199: A bug in x86 debug register handling of ptrace could lead to memory corruption, possibly a denial of service or privilege escalation bsc1090036. - CVE-2017-0861:...

SUSE-SU-2018:1016-1 Security update for the Linux Kernel (Live Patch 31 for SLE 12)

This update for the Linux Kernel 3.12.61-52119 fixes several issues. The following security issues were fixed: - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. bsc1085447. - CVE-2018-1068: A flaw was found in the Linux kernels implementation of...

SUSE-SU-2018:1025-1 Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-606440 fixes several issues. The following security issues were fixed: - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. bsc1085447. - CVE-2018-1068: A flaw was found in the Linux kernels implementation of...

SUSE-SU-2018:0990-1 Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP2)

This update for the Linux Kernel 4.4.114-9264 fixes several issues. The following security issues were fixed: - CVE-2017-13166: Prevent elevation of privilege vulnerability in the v4l2 video driver bsc1085447. - CVE-2018-1068: A flaw in the implementation of 32-bit syscall interface for bridging...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

SUSE-SU-2018:0592-1 Security update for the Linux Kernel (Live Patch 4 for SLE 12 SP3)

This update for the Linux Kernel 4.4.90-612 fixes several issues. The following security issue was fixed: - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing instances, allowing a local user able to access the AFALG-based AEAD interface CONFIGCRYPTOUSERAPIAEAD and pcrypt...

SUSE-SU-2018:0568-1 Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP2)

This update for the Linux Kernel 4.4.49-9211 fixes one issue. The following security issue was fixed: - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing instances, allowing a local user able to access the AFALG-based AEAD interface CONFIGCRYPTOUSERAPIAEAD and pcrypt...

SUSE-SU-2018:0301-1 Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP2)

This update for the Linux Kernel 4.4.103-9256 fixes one issue. The following security issue was fixed: - CVE-2017-17712: The rawsendmsg function had a race condition that lead to uninitialized stack pointer usage. This allowed a local user to execute code and gain privileges bsc1073230...

SUSE-SU-2018:0281-1 Security update for the Linux Kernel (Live Patch 14 for SLE 12 SP2)

This update for the Linux Kernel 4.4.90-9245 fixes several issues. The following security issues were fixed: - CVE-2017-17712: The rawsendmsg function had a race condition that lead to uninitialized stack pointer usage. This allowed a local user to execute code and gain privileges bsc1073230. -...

SUSE-SU-2017:3323-1 Security update for the Linux Kernel (Live Patch 11 for SLE 12 SP1)

This update for the Linux Kernel 3.12.67-606424 fixes several issues. The following security issues were fixed: - CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrmuser.c allowed local users to gain privileges or cause a denial of service use-after-free via a crafted SORCVBUF...